The NCCoE at NIST recognizes the challenges associated with compliance, operations, and security when enterprises employ encrypted protocols, in particular Transport Layer Security (TLS) 1.3, in their data centers. This project will use commercially available technologies to demonstrate a range of approaches for enabling necessary intra-enterprise access to unencrypted/decrypted information. The demonstrations will include the following scenarios:
- Rapidly troubleshooting and fixing availability and operational issues when they occur
- Proactively detecting and isolating performance issues for multi-tier applications
- Rapidly triaging indicators of compromise
- Tracing paths of attacks as they pivot laterally across internal networks for forensic analysis purposes
Proposed solutions are not required to address all challenges and all scenarios, although comprehensive solutions are strongly encouraged.
The project resulted from the NCCoE virtual workshop in September 2020 that discussed compliance, operations, and security challenges with modern encrypted protocols. View the workshop recording and other resources.