The NIST National Cybersecurity Center of Excellence (NCCoE) has released the final practice guide, NIST SP 1800-37, Addressing Visibility Challenges with TLS 1.3. This practice guide illustrates practical approaches that users can adopt to gain visibility into Transport Layer Security (TLS) 1.3-protected network traffic for application servers within their controlled enterprise data centers.
Many enterprises rely on network monitoring and inspection tools to implement critical cybersecurity, operational, and regulatory controls, such as intrusion detection, troubleshooting, and fraud monitoring. Some of these organizations have faced challenges migrating to TLS 1.3 because some of the techniques used with TLS 1.2 to gain network traffic visibility no longer work with TLS 1.3. NIST worked with private sector collaborators to demonstrate that the necessary visibility within the enterprise can be achieved while implementing TLS 1.3.
Working with private sector collaborators, NIST demonstrated approaches to achieve visibility into network traffic within enterprise data centers while promoting enterprise migration from TLS 1.2 to TLS 1.3. Addressing these visibility concerns also enables organizations to migrate to quantum-resistant algorithms introduced in TLS 1.3.