TLS Termination

The private keys used for Transport Layer Security (TLS) are a prime target for bad actors. If hackers can obtain the private key material, they can authenticate as if they were the organization that owns the key. They can spoof its identity, intercept traffic and cause immense damage.

Protecting the TLS private key repository is challenging. In addition to security requirements, any protection needs to deliver exceptional performance that minimizes latency. In modern service mesh deployments, proxy services such as HashiCorp Consul or Envoy store private keys to terminate TLS connections on behalf of sensitive back-end applications.

Anjuna Runtime Security can protect the private keys used in TLS termination to avoid potential compromise. Anjuna protects keys close to where the connection is handled and maintains secure isolation. This avoids the latency that results from the round-trip traffic needed for conventional HSMs or isolated servers. With Anjuna, the key material is stored and manipulated in a secure enclave inside the CPU. The high-performance CPU minimizes latency so organizations can enjoy performant TLS termination. Anjuna delivers confidence with the knowledge that sensitive TLS keys are secured at runtime against compromise.