We recently added mTLS support to our layer 7 DDoS protection service to give you more flexibility in authentication for applications that need an added measure of security.
What is mTLS?
Mutual Transport Layer Security (mTLS) is an extension of the Transport Layer Security (TLS) protocol that allows for mutual authentication between a server and its clients.
Where TLS provides one-way authentication, in which only the server presents a certificate and which is suitable for most web scenarios, mTLS goes a step further and requires that both the server and the client verify each other’s certificates before a connection is successfully established. Once both sides are authenticated, a secret key is created and shared between both parties so that communications can be kept secure thereafter.
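It’s loosely similar to the two-factor authentication (2FA) that you might be familiar with from online banking applications, social media platforms, and many subscription-based e-commerce sites, in that an extra proof of identity is required before access is granted. With mTLS, that extra proof is the client’s certificate.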
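As an added example (not Zenlayer's code or console configuration), the one-way versus mutual distinction described above shows up in how a Python server's `ssl` context is configured, together with a small check that flags contexts that do not enforce client certificates. The function names and the `client_ca_file` parameter are assumptions for illustration, and loading the server's own certificate is left out.

```python
import ssl


def one_way_tls_context() -> ssl.SSLContext:
    """Server context for ordinary TLS: the client is never asked for a certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx  # verify_mode defaults to ssl.CERT_NONE on the server side


def mtls_context(client_ca_file=None) -> ssl.SSLContext:
    """Server context for mTLS: the handshake fails unless the client presents
    a certificate that chains to a CA in client_ca_file (hypothetical path)."""
    ctx = one_way_tls_context()
    ctx.verify_mode = ssl.CERT_REQUIRED
    if client_ca_file:
        ctx.load_verify_locations(cafile=client_ca_file)
    return ctx


def audit_client_auth(ctx: ssl.SSLContext) -> list:
    """Return the reasons this server context does not enforce mutual authentication."""
    findings = []
    if ctx.verify_mode == ssl.CERT_NONE:
        findings.append("client certificate not requested (one-way TLS)")
    elif ctx.verify_mode == ssl.CERT_OPTIONAL:
        findings.append("client certificate optional: clients without one still connect")
    # Without a trusted CA the server cannot validate any client certificate chain.
    if ctx.verify_mode != ssl.CERT_NONE and ctx.cert_store_stats()["x509_ca"] == 0:
        findings.append("no client CA loaded: every client certificate will be rejected")
    return findings


if __name__ == "__main__":
    # Constructed contexts covering the three misconfigurations the audit reports.
    optional = one_way_tls_context()
    optional.verify_mode = ssl.CERT_OPTIONAL
    for name, ctx in [("one-way TLS", one_way_tls_context()),
                      ("optional client cert", optional),
                      ("mTLS, no CA yet", mtls_context())]:
        print(name, "->", audit_client_auth(ctx))
```

An empty list from `audit_client_auth` means the context both requires a client certificate and has at least one CA to validate it against.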
What is mTLS used for?
Organizations may incorporate mTLS in their private network to verify the credentials of their employees. This is useful, for example, to securely authorize a remote employee’s access to files and folders stored somewhere in the organization’s network.
mTLS is complementary to zero trust networks – a security framework in which no client or device is trusted by default, whether they originate from within or outside of the network.
Beyond the corporate world, mTLS is also sometimes used in set-and-forget devices like smart plugs, sensors, and thermostats as a part of the Internet of Things (IoT). As these internet-connected devices are typically designed to stand by until they’re called upon to perform an action, whether manually or through automation, they don’t typically need a login. mTLS ensures that these IoT connections are verified and secure.
Due to the two-way authentication between a server and client, mTLS also inherently provides a layer of protection against some common web-based attacks that rely on gaining unauthorized access to a network, like phishing, spoofing, and other forms of impersonation attacks.
How do I start using mTLS with my Zenlayer DDoS Protection service?
You can enable mTLS on our DDoS Protection Console. If you don’t have access to the console or need help setting it up, please reach out to our solution experts and they’ll be more than glad to help!
New to Zenlayer DDoS Protection? Try it out now!
Protect your business with Zenlayer DDoS Protection – powered by 13 global scrubbing centers to defend your employees and users from DDoS attacks. In addition, Zenlayer’s 2,300+ global transit and peering interconnections help improve your network’s performance, latency, and data ingestion. Our comprehensive solution and proprietary algorithms ensure that your bandwidth is spent only on traffic you want.
Want ultimate peace of mind? Reach out to a solution expert today to get started!