How Cisco’s newest security tool can detect malware in encrypted traffic

Cisco’s Encrypted Traffic Analytics (ETA), a software platform that monitors network packet metadata to detect malicious traffic, even if its encrypted, is now generally available.

The company initially launched ETA in June, 2017 during the launch of its intent-based network strategy and it’s been in a private preview since then. Today Cisco rolled ETA out beyond just the enterprises switches it was originally designed for and made it available on current and previous generation data center network hardware too.

+MORE AT NETWORK WORLD: What is intent based networking? | Why intent based networking could be a big deal +


Cisco’s Encrypted Traffic Analytics uses a software named Stealthwatch to compare the metadata of benign and malicious network packets to identified malicious traffic, even if its encrypted.

What ETA is

Encrypted Traffic Analytics is a product deployed on customers’ premises that monitors their network and collects information about traffic flows. It uses a series of sensors placed throughout the network to screen all traffic traversing through it. ETA uses a combination of local analysis engines combined with a cloud-based platform that analyzes anonymized metadata about network traffic to search for and block malicious traffic, even if it’s encrypted. 

Leave a Reply

Your email address will not be published. Required fields are marked *