The Department of Defense operates some of the most dynamic and dispersed network environments in the world, all faced with a herculean task of meeting the ever-growing demands of mission critical users.
These demands placed on DoD networks from the explosive growth in Cloud and SaaS adoption, coupled with a massive increase in remote work, has not only made DoD networks more distributed and complex, but often outpaced available capacity. The result is often crippling latency, reduced application performance and poor end-user experiences.
To compound these issues, nearly 85% of DoD’s network traffic is encrypted using SSL/TLS protocols, presenting unique challenges to unlock greater capacity. In the past, to optimize and accelerate encrypted traffic and applications involved lengthy security conversations, logistical hurdles, sharing or copying hundreds of certificates and keys, perceived network security risks, and in the end, was often deemed too risky and difficult a process for agencies, until now.
As encrypted traffic started overtaking public sector networks, Riverbed began reengineering its optimization and acceleration solutions to meet the new norm of SSL/TLS encryption. Riverbed’s enhanced SteelHead WAN Optimization and Client Accelerator solutions simplify the authentication process of SSL/TLS traffic.
Riverbed’s solutions now function like a Hardware Security Module (HSM) by granting access to the “session” key, which is unique and randomly generated, for each encrypted communication session.
This novel approach to authentication bypasses the traditional SSL/TLS “handshake” that requires public and private keys and certificates and instead allows encrypted network communications between authorized users and applications within the SteelHead optimization fabric. No sensitive keys or credentials are ever exchanged or exposed. Once an SSL/TLS session is authenticated and an encrypted connection is established, DoD agencies can easily unlock network capacity and improve application performance to meet the ever-growing demands of global users.
Extreme Latency on SATCOM Network,One of DOD’s Uniformed Services Branches (USB) operates in bandwidth-challenged remote locations across the world where a “Logistics” application, among other mission-critical applications, had been rendered inaccessible due to extreme latency on the command’s satellite network. Without this application, service technicians could not procure crucial parts needed to repair military assets, resulting in these assets being taken offline and exposing a significant operational vulnerability. Like other DoD agencies, the USB had previously been reluctant to optimize and accelerate its SSL/TLS traffic due to perceived network security concerns.
The USB had previously been working with Riverbed to optimize and accelerate its non-encrypted traffic. When evaluating and testing the enhanced network acceleration solutions, the USB was easily able to configure and deploy, identify the SSL/TLS application for acceleration, authenticate with the application’s “session” key, and establish encrypted network session. Then the USB employed traditional optimization and acceleration approaches that significantly reduced latency and unlocked network capacity, all while maintaining an encrypted environment.
With Riverbed’s enhanced network acceleration solutions, the USB was able to optimize and accelerate the SSL/TLS traffic unlocking nearly 3x satellite bandwidth capacity. More importantly, the USB was able to bring its mission-critical logistics application online, secure the parts and supplies needed to repair military assets, and support soldiers in the field.