Https Scan and malware/ detection of abnomal behaviour

Koron
Koron Posts: 6
in F-Secure SENSE Router

if https is not scannend and most of iot devices use https how will this device (sense) help secure my network or the abnormal behaviour of the affected device if it doesn't know what its up to?

Like

Comments

  • Ukko
    Ukko Posts: 3,311 Superuser
    @Koron wrote:

    if https is not scannend and most of iot devices use https how will this device (sense) help secure my network or the abnormal behaviour of the affected device if it doesn't know what its up to?

    Hello,

     

    Sorry for my reply.

     

    Since there not comes any official replies yet. I decided to place some of my own suggestions;

     

    Based on your description there can be next meanings (maybe):

     

    --> HTTPS is not scanned (properly), but probably it possible to detect something 'before' established connection (and not certain pages under domain); So - if there is outcoming connection to known 'suspicious' IP (?!) or domain -- probably it anyway prevented.

     

    --> So - if most of this devices use https, but does it possible that there is not possible to use 'http'?

    And if possible - so maybe it can be a trigger for "not normal" situation as "connection under http";

     

    --> Also, as example, quite active status and network usage by this devices; Or kind of "not expected" view of this;

     

    Generally - I able to think that there is can be many of meanings (based on multi-layers protection; and only as additional points about certain specific features for this devices); And abilities handling "not normal situations" (also based on potential known troubles);

     

    I also able to think that there is quite many limitations and potential 'troubles with design" - so will be interesting to read official response from F-Secure SENSE team;

     

    Thanks!

    Like
This discussion has been closed.

Categories