Firewall Manufacturers and HTTPS Scanning

Here are some interesting facts:

  • According to new research, HTTPS traffic will represent 75% of all web traffic by the end of 2019.
  • Cisco released new statistics that said 70% of all attacks in 2017 occurred over HTTPS connections.
  • Google Chrome is going to be labeling HTTP websites as Insecure later this year.

If your firewall cannot scan HTTPS traffic, known as Deep Packet Inspection (DPI), you will not be able to detect the majority of the threats on web traffic.  As of this writing, Cisco Meraki is one of the major firewall vendors that cannot do HTTPS inspection.  I imagine it will be coming, but when it does it will be too late.

Make sure the firewall you use or evaluate can do HTTPS traffic inspection.