So if you’re reading this blog, I think it’s safe to say that we agree on it being critical for financial institutions and payment processors to monitor their transactions. I would also feel comfortable assuming that we agree on the need for financial transaction data to be kept well hidden from prying eyes (and keystrokes). Though, these two points can present a bit of a dilemma: How can you monitor something that you can’t see?
Sounds like a job for INETCO Insight!
Not wanting to rest on their laurels, the crack-team of developers at INETCO have found two ways to allow organizations to monitor their SSL encrypted transactions.
In a traditional network
In a traditional network environment where all data passing over the wire is SSL encrypted, as data travels along its path from user and application servers and to other back ends, INETCO Insight captures it from SPAN or TAP ports. The INETCO Insight software monitors key exchanges and uses the network’s certificates to decrypt the transaction data—all in real-time. This captured Big Data can then be presented in intuitive INETCO Insight dashboards to provide IT Operations, Application Support, and Channel Delivery Managers all kinds of useful operational intelligence like:
- Request/response timings, so that they can be alerted to transaction slowdowns before they become failures
- Network addresses, so that they know where anomalies are actually occurring, and
- Full message payloads like transaction amounts, so that they know if an ATM is running low on cash (in the case of financial institutions)
Regardless of the ways that the data is used, INETCO Insight keeps all the transaction information secure, and blanks out or even removes specific data that should not be shared (like credit card numbers and bank account IDs) so that teams monitoring the INETCO Insight dashboards aren’t privy to sensitive information. To learn more about how this works, see a blog Marc Borbas wrote last year.
In the Cloud
Data in the cloud is even more open to potential attack, so encryption here is particularly important. In the case of transactions “hopping” through the cloud (which paints quite a tranquil metaphorical picture), SSL decryption takes place once a transaction reaches an application (or app server, or back-end). Re-encryption then occurs as the transaction leaves the application (or app server, or back-end) and begins to travel through to its next hop.
In this type of distributed environment, INETCO Insight captures decrypted data from within the app-server, as there are no TAP or SPAN ports the software can draw from. Once captured, INETCO Insight can again provide rich operational intelligence to the appropriate teams within the enterprise
In either the Traditional or Cloud-based network, there’s no need to add a separate decryption device to terminate the SSL before INETCO Insight can go to work—this transaction-centric application monitoring software does it automatically. And after capturing the information, INETCO Insight’s patent-pending, real-time transaction correlation system is able to re-assemble multi-hop, multi-step business transactions in real-time to:
- Isolate transaction issues up to 75% faster
- Decrease failed transactions by up to 25%
- Keep your end customers smiling by making sure their transactions keep flowing smoothly AND securely
For more information on transaction monitoring in SSL encrypted environments, or if you wondered how Santa REALLY does his monitoring, join us for a 30-minute demo of INETCO Insight this Tuesday, December 17th. And in the spirit of the season, for every person that attends this web demo, INETCO will donate $5 to support UNICEF’s global work for children. We hope to see you there!