Rohde & Schwarz Adds Secure Shell (SSH) Classification to Acclaimed R&S PACE 2 Deep Packet Inspection (DPI) Engine
November 2018 by Patrick LEBRETON
ipoque GmbH, a Rohde & Schwarz company, announce new Secure Shell (SSH) metadata extraction capabilities for its acclaimed R&S PACE 2 deep packet inspection (DPI) engine. These new enhancements enable its vendor customers to offer greater security for network services over unsecured IP networks.
Optimal use of the SSH protocol requires proper configuration of parameters to prevent and avoid potential vulnerabilities. R&S PACE 2’s new capabilities enable it to inspect and extract metadata, provide complete visibility into SSH connection security, and detect/prevent vulnerabilities that could be exploited by hackers and other malicious network intruders.
The latest release 18.11.16 of PACE 2 features an advanced SSH decoder that extracts metrics and measures such as the MAC algorithm, key exchange (KEX) algorithm, public keys, certificates and various other connection parameters. As a result, vendors of network equipment such as firewalls or secure SD-WANs can evaluate the strength of the security mechanisms implemented by the SSH protocol and apply policies to avoid misconfigurations that negatively impact the security of SSH connections. These include weak MAC hashing algorithms (such as MD5), short hashing values for MAC (such as 96 bits), or encryption algorithms with known issues (such as RC4).
To learn more about how IT security equipment vendors use the DPI engine R&S PACE 2 to enhance their network protection products and add value for their customers, read the network security white paper or read the network security case studies.