General 2min de Leitura - 26 de July de 2016

HTTPS Proxy: Understand how it works

Números binários sobrepostos

This post is also available in: Português English Español

In recent years, there has been a very substantial increase in web applications of a wide variety of types and purposes, many of them working with sensitive or private data of users and companies.

The SaaS (Software as a Service) movement in recent years has allowed for the emergence of many businesses and new ways of doing traditional tasks. It is possible to cite countless cases of startups that are becoming increasingly mature in their business models, generating impact for companies of varying sizes.

Because many applications, once stored in private structures within organizations, migrated to the Internet, a robust layer of security is critical to ensuring the integrity and privacy of information.

In this sense, the protocol that solves this demand is the SSL/TLS integrated to the HTTP protocol, forming, therefore the HTTPS, which is nothing more than the HTTP protocol under an intermediate layer of security that allows it to encrypt the client data until the communication.

HTTPS has always been well known for being massively used in e-commerce and internet banking applications as they passed information on access credentials, or any other sensitive information. The increase in the number of web applications, for the most varied purposes, has also increased HTTPS traffic in corporate networks, and since it is encrypted traffic, in principle, it is not possible to know its readable part.

The main reflection around this subject is associated with how to control this type of traffic, including HTTPS proxyoperating model, as an alternative to guarantee control and security for organizations.

How HTTPS Proxy works

As a web proxyis well positioned in a network architecture, where traffic is tapered, it is possible that the network not only accepts requests, but also the content is manipulated.

Thus, for an HTTPS connection, the proxy has the ability to make a secure connection with the remote address being requested, and to present its own certificate (usually self-signed), thus having access to all data of the communication, accepting or blocking the request.

To perform this operation, the HTTPS proxyperforms an attack known as Man-in-The-Middle (MITM). As mentioned above, a secure connection management is performed with the remote site, and the other is performed between the client and the proxy.

Some browsers and applications generate alarms stating that the connection is not secure; this is because, for the client, the certificate is generated by the HTTPS proxyitself.

In order to configure the proxy certificate on users’ computers in a transparent and automated way, you can distribute the certificate through the domain controller, reducing user notifications and ensuring the security of the environment.

The important thing for companies is to improve control over HTTPS connections, since most of the applications have migrated to the web platform, concentrating confidential data of users, such as Social Security number, passwords, number of cards etc., making use of the prerequisite encryption.

After reflecting on the characteristics of the HTTPS protocol, as well as HTTPS proxyoperation, you will have subsidies to evaluate if the currently installed corporate solution fully meets the demands of control over the web applications on the market.

If it is diagnosed that the current web proxy solution does not meet the needs related to the HTTPS protocol, it is important to check ways to get around this problem, otherwise much of the traffic generated in the corporate network may not be viewed and properly controlled, for the corporate environment.

This post is also available in: Português English Español