Virtual Privacy vs. Real Security
|
|
- Corey Fowler
- 8 years ago
- Views:
Transcription
1 Virtual Privacy vs. Real Security
2 Certes Networks at a glance Leader in Multi-Layer Encryption Offices throughout North America, Asia and Europe Growing installed based with customers in 37 countries Developing high performance security solutions for wide-area networks, data centers and public cloud CERTES
3 Product Milestones and Industry Firsts First 1Gbps Ethernet Encryption Appliance First Release of CipherEngine First Multi-Layer Encryption Appliances First Variable Speed Encryption Appliances First Multi-Layer 10Gbps Encryptor CERTES
4 Customers and Partners CERTES
5 Where is your data NOT protected What is your security solution for here? Perimeter Security Defense in Depth Your Carrier says the WAN is secure because it s Virtually Private This may have been true in but today it s a dangerous & outdated concept CERTES
6 Who is it we are defending against? 9600 Baud Baby! CERTES
7 Does Privacy Equal Security? The SP says the network is secure A Product Director said security was built in to MPLS based on the following: Traffic streams are kept separate There are controls around provisioning and management There are gateways between the Public Internet and the MPLS Because they have tools to identify malicious activity CERTES
8 What is MPLS? MPLS is primarily a packet forwarding technology Traffic forwarding is based on label A packet can have multiple labels Other services have been added over the years Layer 2 or 3 VPNs Traffic Shaping Monitoring Services 1. A label is added to the packet at the edge of the MPLS network MPLS backbone 3. The label is removed when reaching the customer network 8 2. Packets are moved across the backbone using labels. The labels are swapped out by backbone routers CERTES
9 MPLS is not secure! MPLS Facts: MPLS does not provide Protection against mis-configurations Protection from attacks within the core Confidentiality, authentication or data integrity Customer Security TC TC = Traffic Class The MPLS header contains no security The IP Packet (Data Payload) is left in the clear CERTES
10 Virtual Privacy is not Real Security VPN s segment data - Privacy and Virtual Privacy are not the same as Security! MPLS (VPLS) Data is sent in the clear Metro Ethernet - Data is sent in the clear Internet Internet VPN Threats to Data in Motion Human/Machine errors often result in your data being sent to other VPN customers Man in the middle, BotNets and DDoS attacks Undetectable Data Sniffing, and Theft Easily circumvented branch firewalls leave HQ and DCs vulnerable CERTES
11 The trade off between performance and security Performance Security Modern Networks Require Any to Any Connectivity Scalability High Speed-Low Latency Performance High Availability Architectures (load balancing, DR) Layer 2-4 Services Traditional Network Encryption Limited to Point to Point connections Exponentially complex with scale Induces latency and chokes throughput Requires manual fail over procedures Masks Headers CERTES
12 Group Encryption Provides Security and Performance Our Modern Approach to Encryption Define Polices based on you existing Network or Application Topologies Topologies Applications Mesh Voice Hub and Spoke Video Multicast Control Data Hybrids FTP or other protocols Create the Keys needed to support the Policies CipherEngine uses standards based security protocols AES 256 SHA-1 IPsec Performance Security Enforce the policies without creating tunnels Preserve native routing/switching protocols and paths Layer 2 - encrypt by VLAN Layer 3 - preserve IP routs and subnets Layer 4 - maintain traffic shaping and Netflow/Jflow while encrypting By designing encryption for modern networks, we made it easy to install, and transparent to paths and performance CERTES
13 Transparent Network Security Back-up Data Center Primary Data Center Traffic If With encryption the CipherEngine Primary flows from is DC required, fails the both remote Nothing DCs a relationship (and office the to is created associated the Happens! primary between CEPs) data center. routers, are defined limiting Hubs load and balancing all of the Branches are defined as Packets Using spokesdead are peer load detection balanced at a new the head tunnel will endbe nailed up to the secondary after 90 seconds of lost packets. Because the headers remain in the clear, load balancing works with encryption. In the event of failure at the Primary In the event of a failover, traffic is rerouted with minimal packet loss because DC traffic fails over to the secondary site with minimal packet loss and no user there are no tunnels, and the Secondary intervention DC already had the correct key Remote Office Remote Office Remote Office Unencrypted traffic Encrypted traffic Remote Office CERTES
14 Case Studies
15 Financial Services Compliance driven requirements for encryption over WAN Multiple Data Centers connecting to 155 Member Banks throughout world Required low latency performance with AES 256 encryption Must support DUAL CARRIERS (no IPsec tunnels) Data Center #3 Data Center #2 Data Center #4 Data Center #1 Provider B Member Bank 155 CipherEngine Provider A Redundancy designed into the network architecture Encrypted traffic load balanced across carries under single policy No SLAs reduced or violated Member Bank 1 CERTES
16 Manufacturing and IP Protection Concerned about last mile security Policies defined and encryption keys generated and managed from Headquarter in the U.S. Multiple real-time application on an accelerated WAN Multiple China Locations China Telecom CipherEngine Hong Kong Location U.S. Headquarters Hong Kong Telecom KDDI Telecom Leased MPLS Service Tata Indiacom SingTel Deutsche Telekom Singapore R&D Germany Location Japan Location India Location 30 fully meshed sites - growing to 300 L4 encryption solution offers stealth encryption - not detectable by the carrier CERTES
17 Metro Ethernet Encryption Phased roll-out from 4 meshed sites to 26 total locations Native Layer 2 encryption for new Metro Ethernet service Encryption is segmented by VLAN IDs Policies and key manages by CipherEngine located in Headquarters Simple expansion as new sites are added CipherEngine VLAN 5, 6 Metro Ethernet Network VLAN 7 VLAN 5 VLAN 6 CERTES
18 Utilities, Smart Grid and SCADA Networks Delivers hydroelectric power to one of the largest grids in the country Solution secures Command and Control traffic as part of disaster recovery plan Required low-latency Layer 2 encryption Back Up Site Recovery Site Private Layer 2 Network Control Center Hydro Plant Critical Infrastructure includes all utility, communication and rail control grids Policy prevents the DOE from doing press releases, but they have provided direct references to other utilities CERTES CIPHEROPTICS
19 Video Content and IPTV Providers Protection of easily replicated digital assets Low Latency AES 256 Performance Multicast Support Longer term migration to Cloud TV services IPTV Source 5 Local (City) Distribution sites Layer 3 Backbone NC CipherEngine FL LA Mo FL CERTES
20 Government Customer required security for mission critical services Deployment to support 288 load balanced connections to WAN Required Low Latency performance using AES 256 Headquarters supported load balanced 1G interfaces w/ low latency 288 Embassies MoFA Headquarters Leased MPLS Service CipherEngine Redundant CEPs located at each site Full Mesh encrypted traffic between sites CERTES
21 Managed Services Hub and Spoke topology More than 130 branches being served Each credit union has own VPN back to SP data center Concerned about protecting customer financial data between credit union locations and SP data center All branch locations configured in this manner Backup Internet Router Internet Internet to MPLS Gateway Leased MPLS Service Branch Location Headquarter Data Center Credit unions deployed CEP10s within their ATM machines Demanded encryption from AT&T as part of an MPLS migration CERTES
22 Encrypted Voice Services 250 sites fully meshed on a MPLS backbone Each branch location has multiple users and VoIP One policy governs the encryption for the entire network The branch locations below is replicated at all 248 individual branches CipherEngine Data Center Headquarters Leased MPLS Service Branch Office Branch Office CERTES
23 Products: Layer 2/3/4 3Mbps to 10Gbps Variable Speed Encryption Managed with CipherEngine Line Rate Performance Low Latency High Performance Standards Based CERTES
24 CipherOptics Products HW: HW accelerated variable speed network encryption appliances with aggregate throughputs from 3Mbps - 10Gbps CEP 10 VSE Speeds 3 Mbps Encryptor 6 Mbps Encryptor 10 Mbps Encryptor 25 Mbps Encryptor 50 Mbps Encryptor CEP 100 VSE Speeds 100 Mbps Encryptor 155 Mbps Encryptor 250 Mbps Encryptor SW: Network transparent L2 Ethernet frame, L3 IPsec based encryption with IP header preservation, L4 UDP/TCP payload encryption and Virtual IP Tunnelling CEP 1000 VSE Speeds 500 Mbps Encryptor 650 Mbps Encryptor 1000 Mbps Encryptor CEP 10G VSE Speeds 2.5 Gbps Encryptor 5 gbps Encryptor 10 Gbps Encryptor CERTES
25 IPSec VPN Tunnels Vs. Group Encryption Traditional IPsec Certes Networks Group Encryption Problem Point to Point - Tunnel Based Difficult to set up and manage Requires added personnel to maintain Slows network performance Doesn t support dual carrier environments Slows or breaks multicast No Layer 4 Network Services Solution No Tunnels! - Line rate performance Easy to setup, configure and manage Single location or person can administer Supports dual carrier networks VoIP and Video compatible Compatible with Multicast applications Preserves Layer 4 Services CipherEngine Policy & Key Manager IP (Public or Private), MPLS, or Ethernet Site D CERTES
26 Thank You!
the about MPLS security
uth 22 the about truth MPLS security 11 MPLS is private. MPLS is a shared service! We use a private network is often stated as the reason for not protecting data as it travels over 3rd party networks.
More informationTrustNet CryptoFlow. Group Encryption WHITE PAPER. Executive Summary. Table of Contents
WHITE PAPER TrustNet CryptoFlow Group Encryption Table of Contents Executive Summary...1 The Challenges of Securing Any-to- Any Networks with a Point-to-Point Solution...2 A Smarter Approach to Network
More informationSafeNet Network Encryption Solutions Safenet High-Speed Network Encryptors Combine the Highest Performance With the Easiest Integration and
SafeNet Network Encryption Solutions Safenet High-Speed Network Encryptors Combine the Highest Performance With the Easiest Integration and Management SafeNet Network Encryption and Isolation Solution
More informationTrustNet Group Encryption
TrustNet Group Encryption Executive Summary Protecting data in motion has become a high priority for a growing number of companies. As more companies face the real and growing threat of data theft, along
More informationNovember 2013. Defining the Value of MPLS VPNs
November 2013 S P E C I A L R E P O R T Defining the Value of MPLS VPNs Table of Contents Introduction... 3 What Are VPNs?... 4 What Are MPLS VPNs?... 5 What Are the Benefits of MPLS VPNs?... 8 How Do
More informationCertes Networks Layer 4 Encryption. Network Services Impact Test Results
Certes Networks Layer 4 Encryption Network Services Impact Test Results Executive Summary One of the largest service providers in the United States tested Certes Networks Layer 4 payload encryption over
More informationBLACK BOX. EncrypTight
WAN Encryption Secure WAN links without tunnels!» Strong WAN encryption without IPsec VPN tunnels.» Multilayer encryption.» Transparent operation without latency. BLACK BOX 724-746-5500 blackbox.com/go/
More informationIncrease Simplicity and Improve Reliability with VPLS on the MX Series Routers
SOLUTION BRIEF Enterprise Data Center Interconnectivity Increase Simplicity and Improve Reliability with VPLS on the Routers Challenge As enterprises improve business continuity by enabling resource allocation
More informationCisco Dynamic Multipoint VPN: Simple and Secure Branch-to-Branch Communications
Cisco Dynamic Multipoint VPN: Simple and Secure Branch-to-Branch Communications Product Overview Cisco Dynamic Multipoint VPN (DMVPN) is a Cisco IOS Software-based security solution for building scalable
More informationENTERPRISE CONNECTIVITY
ENTERPRISE CONNECTIVITY IP Services for Business, Governmental & Non-Governmental Organizations The success of today s organizations and enterprises highly depends on reliable and secure connectivity.
More informationWAN Optimization. Riverbed Steelhead Appliances
WAN Optimization Riverbed Steelhead Appliances Steelhead appliances deliver the highest performance and the most scalable wide-area data services solution available, overcoming both bandwidth and latency
More informationBest Practices: The Key Things You Need to Know Now About Secure Networking Layer 1 (SONET), Layer 2 (ATM), and Layer 3 (IP) Encryption Technologies
Best Practices: The Key Things You Need to Know Now About Secure Networking Layer 1 (SONET), Layer 2 (ATM), and Layer 3 (IP) Encryption Technologies Reaching a Balance Between Communications and Security
More informationSingTel MPLS. The Great Multi Protocol Label Switching (MPLS) Migration
SingTel MPLS The Great Multi Protocol Label Switching (MPLS) Migration SingTel MPLS The Great MPLS Migration There are now a variety of alternatives when it comes to connecting multiple sites with WAN
More informationHow Proactive Business Continuity Can Protect and Grow Your Business. A CenturyLink White Paper
How Proactive Business Continuity Can Protect and Grow Your Business For most companies, business continuity planning is instantly equated with disaster recovery the reactive ability of a business to continue
More informationCARRIER MPLS VPN September 2014
CARRIER MPLS VPN September 2014 SERVICE OVERVIEW The International MPLS IP-VPN service provides a full range of VPN connectivity solutions, including: Carrier MPLS IP VPN: dedicated to operators looking
More informationGroup Encryption. The key to protecting data in motion BLACK BOX. 724-746-5500 blackbox.com
The key to protecting data in motion BLACK BOX 724-746-5500 blackbox.com Table of Contents Introduction... 3 Why data encryption?... 3 Types of data encryption... 4 The problem with IPsec... 5 The group
More informationWHITEPAPER MPLS: Key Factors to Consider When Selecting Your MPLS Provider
WHITEPAPER MPLS: Key Factors to Consider When Selecting Your MPLS Provider INTRODUCTION Multiprotocol Label Switching (MPLS), once the sole domain of major corporations and telecom carriers, has gone mainstream
More informationWAN Optimization in MPLS Networks- the Transparency Challenge!
DATE OF ISSUE May 2005 AUTHOR Efi Gat mor 103 Eisenhower Parkway Roseland, NJ 07068 USA TEL +1.888.892.1250 +1.973.618.9000 FAX +1.973.618.9254 www.expand.com WAN Optimization in MPLS Networks- the Transparency
More informationReaping the Full Benefits of a Hybrid Network
Singtel Business Product Factsheet Managed Hybrid Network Reaping the Full Benefits of a Hybrid Network Singtel Managed Hybrid Network is an innovative offering that extends the enterprise s network coverage
More informationSprint Global MPLS VPN IP Whitepaper
Sprint Global MPLS VPN IP Whitepaper Sprint Product Marketing and Product Development January 2006 Revision 7.0 1.0 MPLS VPN Marketplace Demand for MPLS (Multiprotocol Label Switching) VPNs (standardized
More informationnwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.
CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such
More informationMPLS: Key Factors to Consider When Selecting Your MPLS Provider Whitepaper
MPLS: Key Factors to Consider When Selecting Your MPLS Provider Whitepaper 2006-20011 EarthLink Business Page 1 EXECUTIVE SUMMARY Multiprotocol Label Switching (MPLS), once the sole domain of major corporations
More informationHigh speed Ethernet WAN: Is encryption compromising your network?
High speed Ethernet WAN: Is encryption compromising your network? Trademark: 2010 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet. All other product names
More informationLayer 2 Network Encryption where safety is not an optical illusion Marko Bobinac SafeNet PreSales Engineer
Layer 2 Network Encryption where safety is not an optical illusion Marko Bobinac SafeNet PreSales Engineer Layer 2 Network Encryption where safety is not an optical illusion Todays Agenda Fibre is safe
More informationCisco Group Encrypted Transport VPN: Tunnel-less VPN Delivering Encryption and Authentication for the WAN
Cisco Group Encrypted Transport VPN: Tunnel-less VPN Delivering Encryption and Authentication for the WAN Product Overview Today s networked applications such as voice and video are accelerating the need
More informationHIGH PERFORMANCE ENCRYPTION SOLUTIONS SECURING CRITICAL NATIONAL INFRASTRUCTURE
HIGH PERFORMANCE ENCRYPTION SOLUTIONS SECURING CRITICAL NATIONAL INFRASTRUCTURE CRITICAL NATIONAL INFRASTRUCTURE The UKs national infrastructure is defined by Government as those facilities, systems, sites
More informationICTTEN6172A Design and configure an IP- MPLS network with virtual private network tunnelling
ICTTEN6172A Design and configure an IP- MPLS network with virtual private network tunnelling Release: 1 ICTTEN6172A Design and configure an IP-MPLS network with virtual private network tunnelling Modification
More informationMPLS/IP VPN Services Market Update, 2014. United States
MPLS/IP VPN Services Market Update, 2014 United States August 2014 Contents Section Slide Numbers Executive Summary 4 Market Overview & Definitions 8 Drivers & Restraints 14 Market Trends & Revenue Forecasts
More informationThe Evolution of Ethernet
June 2010 White Paper The Evolution of Ethernet How Ethernet solutions, such as NTT America s VLink, can help businesses reduce private networking costs while leveraging Ethernet technology. Introduction
More informationNATIONAL RESEARCH AGENCY CASE STUDY - CCTV NETWORK SERVICES
NATIONAL RESEARCH AGENCY CASE STUDY - CCTV NWORK SERVICES A Major CCTV network and surveilance services provider chose Senetas certified high-speed encryptors to protect European law enforcement CCTV network
More informationCONNECT PROTECT SECURE. Communication, Networking and Security Solutions for Defense
CONNECT PROTECT Communication, Networking and Security Solutions for Defense Engage Communication provides Defense, Homeland Security and Intelligence Communities with innovative and cost effective solutions
More informationethernet services for multi-site connectivity security, performance, ip transparency
ethernet services for multi-site connectivity security, performance, ip transparency INTRODUCTION Interconnecting three or more sites across a metro or wide area network has traditionally been accomplished
More informationGlobal Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com
Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com W H I T E P A P E R F l e x i b l e N e t w o r k - B a s e d, E n t e r p r i s e - C l a s s I P
More informationAppendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003
http://technet.microsoft.com/en-us/library/cc757501(ws.10).aspx Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003 Updated: October 7, 2005 Applies To: Windows Server 2003 with
More informationMulti Protocol Label Switching (MPLS) is a core networking technology that
MPLS and MPLS VPNs: Basics for Beginners Christopher Brandon Johnson Abstract Multi Protocol Label Switching (MPLS) is a core networking technology that operates essentially in between Layers 2 and 3 of
More informationDemonstrating the high performance and feature richness of the compact MX Series
WHITE PAPER Midrange MX Series 3D Universal Edge Routers Evaluation Report Demonstrating the high performance and feature richness of the compact MX Series Copyright 2011, Juniper Networks, Inc. 1 Table
More informationState of Texas. TEX-AN Next Generation. NNI Plan
State of Texas TEX-AN Next Generation NNI Plan Table of Contents 1. INTRODUCTION... 1 1.1. Purpose... 1 2. NNI APPROACH... 2 2.1. Proposed Interconnection Capacity... 2 2.2. Collocation Equipment Requirements...
More informationPREPARED FOR ABC CORPORATION
NETWORK DESIGN PROPOSAL PREPARED FOR ABC CORPORATION Prepared by Crystal Technologies PROPRIETARY AND CO NF IDE NTIAL Network Design Proposal PREPARED FOR ABC CORPORATION INC. ARTICLE I. OVERVIEW/HISTORY
More informationISTANBUL. 1.1 MPLS overview. Alcatel Certified Business Network Specialist Part 2
1 ISTANBUL 1.1 MPLS overview 1 1.1.1 Principle Use of a ATM core network 2 Overlay Network One Virtual Circuit per communication No routing protocol Scalability problem 2 1.1.1 Principle Weakness of overlay
More informationHigh Level Overview of IPSec and MPLS IPVPNs
IPVPN High Level Overview of IPSec and MPLS IPVPNs Date: 16/0/05 Author: Warren Potts Version: 1.1 Abstract This document provides a high level overview of the differences between IPSec and MPLS based
More informationBest practices for protecting network data
Best practices for protecting network data A company s value at risk The biggest risk to network security is underestimating the threat to network security. Recent security breaches have proven that much
More informationThe term Virtual Private Networks comes with a simple three-letter acronym VPN
Application Brief Nortel Networks Virtual Private Networking solutions for service providers Service providers addressing the market for Virtual Private Networking (VPN) need solutions that effectively
More informationThe Next Generation Network:
JULY, 2012 The Next Generation Network: Why the Distributed Enterprise Should Consider Multi-circuit WAN VPN Solutions versus Traditional MPLS Tolt Solutions Network Services 125 Technology Drive Suite
More informationVirtualized Security: The Next Generation of Consolidation
Virtualization. Consolidation. Simplification. Choice. WHITE PAPER Virtualized Security: The Next Generation of Consolidation Virtualized Security: The Next Generation of Consolidation As we approach the
More informationPacnet MPLS-Based IP VPN Keeping pace with your growth
Products and Services PRIVATE NETWORKS Pacnet MPLS-Based IP VPN Keeping pace with your growth SCALABLE, FLEXIBLE, EXPANDING WITH YOUR BUSINESS Pacnet s IP VPN offers a unique proposition. With our own
More informationSite2Site VPN Optimization Solutions
XROADS NETWORKS WHITE PAPER Site2Site VPN Optimization Solutions XROADS NETWORKS - WHITE PAPER Site2Site VPN Optimization Solutions The purpose of this paper is to provide an understanding of how XRoads
More informationEvolving Your Network with Metro Ethernet and MPLS VPNs
Evolving Your Network with Metro Ethernet and MPLS VPNs Change is a constant in enterprise networking and the axiom definitely holds true when considering wide-area connectivity options. Experienced IT
More informationNetwork Management for Common Topologies How best to use LiveAction for managing WAN and campus networks
Network Management for Common Topologies How best to use LiveAction for managing WAN and campus networks April 2014 www.liveaction.com Contents 1. Introduction... 1 2. WAN Networks... 2 3. Using LiveAction
More informationMPLS provides multi-site solution
MPLS provides multi-site solution Executive Summary MPLS (Multi Protocol Label Switching) meets the need for a cost effective solution for voice and data connectivity across multiple sites. Spitfire s
More informationSession Border Controllers in Enterprise
A Light Reading Webinar Session Border Controllers in Enterprise Thursday, October 7, 2010 Hosted by Jim Hodges Senior Analyst Heavy Reading Sponsored by: Speakers Natasha Tamaskar VP Product Marketing
More informationAPPLICATION NOTE. Benefits of MPLS in the Enterprise Network
APPLICATION NOTE Benefits of MPLS in the Enterprise Network Abstract As enterprises evolve to keep pace with the ever-changing business climate, enterprises networking needs are becoming more dynamic.
More informationETHERNET WAN ENCRYPTION SOLUTIONS COMPARED
HERN WAN ENCRYPTION SOLUTIONS COMPARED KEY WORDS AND TERMS MACsec, WAN security, WAN data protection, MACsec encryption, network data protection, network data security, high-speed encryption, Senetas,
More informationVPLS lies at the heart of our Next Generation Network approach to creating converged, simplified WANs.
Virtual Private LAN Service (VPLS) A WAN that thinks it s a LAN. VPLS is a high security, low latency means to connect sites or services either point-to-point or as a mesh. We use Virtual Private LAN Service
More informationManaged Services: Taking Advantage of Managed Services in the High-End Enterprise
Managed Services: Taking Advantage of Managed Services in the High-End Enterprise What You Will Learn This document explores the challenges and solutions for high-end enterprises using managed services.
More informationColt IP VPN Services. 2010 Colt Technology Services Group Limited. All rights reserved.
Colt IP VPN Services 2010 Colt Technology Services Group Limited. All rights reserved. Agenda An introduction to IP VPN Colt IP VPN Hybrid Networking Workforce Mobility Summary 2 Drivers behind IP VPN
More informationHigh Speed Ethernet WAN: Is encryption compromising your network?
High Speed Ethernet WAN: Is encryption compromising your network? 2015 Gemalto 2015. All rights reserved. Gemalto, the Gemalto logo, are trademarks and service marks of Gemalto and are registered in certain
More informationDisaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs
Disaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs As a head of the campus network department in the Deanship of Information Technology at King Abdulaziz University for more
More informationFirewall Security. Presented by: Daminda Perera
Firewall Security Presented by: Daminda Perera 1 Firewalls Improve network security Cannot completely eliminate threats and a=acks Responsible for screening traffic entering and/or leaving a computer network
More informationWAN and VPN Solutions:
WAN and VPN Solutions: Choosing the Best Type for Your Organization xo.com WAN and VPN Solutions: Choosing the Best Type for Your Organization WAN and VPN Solutions: Choosing the Best Type for Your Organization
More informationMPLS: Key Factors to Consider When Selecting Your MPLS Provider
White paper MPLS: Key Factors to Consider When Selecting Your MPLS Provider New Edge Networks June 2008 New Edge Networks 3000 Columbia House Blvd. Vancouver, WA 98661 360-693-9009 1-866-636-EDGE www.newedgenetworks.com
More informationPrivate Cloud Solutions Virtual Onsite Data Center
ZEROOUTAGES WHITE PAPER Private Cloud Solutions Virtual Onsite Data Center ZEROOUTAGES - WHITE PAPER Single Side / Balancing The ZeroOutages solution makes for a perfect link bonding/balancing device for
More informationUsing Carrier Ethernet to Create Cost Effective and Secure Wide Area Networks How Layer 2 Encryption Enables Better Use of Bandwidth.
White Paper Using Carrier Ethernet to Create Cost Effective and Secure Wide Area Networks How Layer 2 Encryption Enables Better Use of Bandwidth Sherman Schlar Schlar Consulting Group April 2010 Schlar
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationMPLS@NLBd.d. Janko Jager. * MPLS Multi Protocol Label Switching ** NLBd.d. Nova Ljubljanska banka d.d.
MPLS@NLBd.d. Janko Jager * MPLS Multi Protocol Label Switching ** NLBd.d. Nova Ljubljanska banka d.d. Telecommunications, Portorož, 04.10.2008 NLB d.d. 1 Foreword This presentation is about NLB d.d. experience
More informationMesh VPN Link Sharing (MVLS) Solutions
XROADS NETWORKS WHITE PAPER Mesh VPN Link Sharing (MVLS) Solutions XROADS NETWORKS - WHITE PAPER Mesh VPN Link Sharing (MVLS) Solutions The purpose of this paper is to provide an understanding of how XRoads
More informationMPLS in Private Networks Is It a Good Idea?
MPLS in Private Networks Is It a Good Idea? Jim Metzler Vice President Ashton, Metzler & Associates March 2005 Introduction The wide area network (WAN) brings indisputable value to organizations of all
More informationBT Connect Networks that think
Networks that think We run network services for 3,000 organisations in 197 countries/territories BT Ethernet Connect update, December 2011 BT Ethernet Connect Quick recap What s new/changed What s coming
More informationSecure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation
Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation Rev 5058-CO900C Agenda Control System Network Security Defence in Depth Secure Remote Access Examples
More informationEnterprise Business Products 2014
Enterprise Business Products 2014 Enterprise Ethernet Services EPL (Ethernet Private Line) - provides point-to-point connectivity between two business locations with scalable bandwidth speeds via an Ethernet
More informationSecuring Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc.
Securing Modern Substations With an Open Standard Network Security Solution Kevin Leech Schweitzer Engineering Laboratories, Inc. Copyright SEL 2009 What Makes a Cyberattack Unique? While the resources
More information1.264 Lecture 37. Telecom: Enterprise networks, VPN
1.264 Lecture 37 Telecom: Enterprise networks, VPN 1 Enterprise networks Connections within enterprise External connections Remote offices Employees Customers Business partners, supply chain partners Patients
More informationMPLS Layer 3 and Layer 2 VPNs over an IP only Core. Rahul Aggarwal Juniper Networks. rahul@juniper.net
MPLS Layer 3 and Layer 2 VPNs over an IP only Core Rahul Aggarwal Juniper Networks rahul@juniper.net Agenda MPLS VPN services and transport technology Motivation for MPLS VPN services over an IP only core
More informationCisco Which VPN Solution is Right for You?
Table of Contents Which VPN Solution is Right for You?...1 Introduction...1 Before You Begin...1 Conventions...1 Prerequisites...1 Components Used...1 NAT...2 Generic Routing Encapsulation Tunneling...2
More informationHow To Protect Your Network From Attack
Department of Computer Science Institute for System Architecture, Chair for Computer Networks Internet Services & Protocols Internet (In)Security Dr.-Ing. Stephan Groß Room: INF 3099 E-Mail: stephan.gross@tu-dresden.de
More informationData Networking and Architecture. Delegates should have some basic knowledge of Internet Protocol and Data Networking principles.
Data Networking and Architecture The course focuses on theoretical principles and practical implementation of selected Data Networking protocols and standards. Physical network architecture is described
More informationVirtual Private LAN Service (VPLS)
Virtual Private LAN Service (VPLS) Walking through Wan history, from the early days Leased lines Customers subscribe to dedicated point-to-point links Cost prohibitive for customers Started in the 1980
More informationEVALUATING NETWORKING TECHNOLOGIES
WHITE PAPER EVALUATING NETWORKING TECHNOLOGIES CONTENTS EXECUTIVE SUMMARY 01 NETWORKS HAVE CHANGED 02 Origin of VPNS Next-generation VPNS TODAY S CHOICES 04 Layer 3 VPNS Layer 2 VPNS MAKING YOUR DECISION
More informationSourcing the WAN One or Many? (Enterprise Case Study)
Sourcing the WAN One or Many? (Enterprise Case Study) Taki Remtulla CTO & Partner at ABILITA New York, April 2014 Two Enterprise Case Studies Major Oil Company in the Middle East & Financial Ins9tu9on
More informationPreparing Your IP Network for High Definition Video Conferencing
WHITE PAPER Preparing Your IP Network for High Definition Video Conferencing Contents Overview...3 Video Conferencing Bandwidth Demand...3 Bandwidth and QoS...3 Bridge (MCU) Bandwidth Demand...4 Available
More informationSecured Voice over VPN Tunnel and QoS. Feature Paper
Secured Voice over VPN Tunnel and QoS Feature Paper Table of Contents Introduction...3 Preface...3 Chapter 1: The Introduction of Virtual Private Network (VPN) 3 1.1 The Functions and Types of VPN...3
More informationHow to cut communications costs by replacing leased lines and VPNs with MPLS
in association with How to cut communications costs by replacing leased lines and VPNs with MPLS March 09 End of the line for leased lines and IPSec VPNs as MPLS comes of age Contents Executive summary
More informationSecuring SIP Trunks APPLICATION NOTE. www.sipera.com
APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)
More informationDNP Serial SCADA to SCADA Over IP: Standards, Regulations Security and Best Practices
DNP SCADA to SCADA Over : Standards, Regulations Security and Best Practices Earl Emerson, Director Systems Engineering RAD Data Communications 2014 Utilities Telecom Council of Canada Motivations for
More informationMPLS and IPSec A Misunderstood Relationship
# 129 TECHNOLOGY WHITE PAPER Page: 1 of 5 MPLS and IPSec A Misunderstood Relationship Jon Ranger, Riverstone Networks ABSTRACT A large quantity of misinformation and misunderstanding exists about the place
More informationSolutions Guide. Secure Remote Access. Allied Telesis provides comprehensive solutions for secure remote access.
Solutions Guide Secure Remote Access Allied Telesis provides comprehensive solutions for secure remote access. Introduction The world is generating electronic data at an astonishing rate, and that data
More informationPreparing Your IP network for High Definition Video Conferencing
White Paper Global Services April 2007 Table of Contents 1.0 OVERVIEW...3 2.0 VIDEO CONFERENCING BANDWIDTH DEMAND...3 3.0 AVAILABLE BANDWIDTH...5 3.1 Converged Network Links... 6 3.2 Dedicated Network
More informationFundamentals of MPLS for Broadcast Applications
Fundamentals of MPLS for Broadcast Applications Ron Clifton, P. Eng., BAS c, MAS c CliftonGroup International Limited Page: 1 The Paradigm Shift The connectivity and technology exist today to implement
More informationTunnel Routing. Preface. Challenge
Tunnel Routing Preface As the pace of economic globalization picks up, more and more enterprises have set up branch offices beyond the geographical boundaries. Traditionally, private leased lines are used
More informationLecture 02b Cloud Computing II
Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,
More informationBest Practices in Legal IT. How to share data and protect critical assets across the WAN
Best Practices in Legal IT How to share data and protect critical assets across the WAN Agenda Requirements for Data Center outsourcing Timothy Titus, Director of Managed Network Services Overcoming WAN
More informationLevel 3 Solutions for FCC Rural Telehealth
Level 3 Solutions for FCC Rural Telehealth Carolyn Reuss Director, Healthcare Segment 720 888 8152 carolyn.reuss@level3.com www.level3-healthcare.com 2007 Level 3 Communications, Inc. All Rights Reserved.
More informationWAN Traffic Management with PowerLink Pro100
Whitepaper WAN Traffic Management with PowerLink Pro100 Overview In today s Internet marketplace, optimizing online presence is crucial for business success. Wan/ISP link failover and traffic management
More informationSILVER PEAK ACCELERATION WITH EMC VSPEX PRIVATE CLOUD WITH RECOVERPOINT FOR VMWARE VSPHERE
VSPEX IMPLEMENTATION GUIDE SILVER PEAK ACCELERATION WITH EMC VSPEX PRIVATE CLOUD WITH RECOVERPOINT FOR VMWARE VSPHERE Silver Peak Abstract This Implementation Guide describes the deployment of Silver Peak
More informationDesign Your Network For Maximum Efficiency
Design Your Network For Maximum Efficiency Terry OʼBrian Windstream Product Marketing! 2012 Windstream Communications, Inc.! Agenda! Company Overview! Businesses Need Better Networks! How MPLS Solutions
More informationAdvanced IPSec with GET VPN. Nadhem J. AlFardan Consulting System Engineer Cisco Systems nalfarda@cisco.com
Advanced IPSec with GET VPN Nadhem J. AlFardan Consulting System Engineer Cisco Systems nalfarda@cisco.com 1 Agenda Motivations for GET-enabled IPVPN GET-enabled IPVPN Overview GET Deployment Properties
More informationLecture 17 - Network Security
Lecture 17 - Network Security CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12/ Idea Why donʼt we just integrate some of these neat
More informationCLOUD NETWORKING FOR ENTERPRISE CAMPUS APPLICATION NOTE
CLOUD NETWORKING FOR ENTERPRISE CAMPUS APPLICATION NOTE EXECUTIVE SUMMARY This application note proposes Virtual Extensible LAN (VXLAN) as a solution technology to deliver departmental segmentation, business
More informationRohde & Schwarz R&S SITLine ETH VLAN Encryption Device Functionality & Performance Tests
Rohde & Schwarz R&S Encryption Device Functionality & Performance Tests Introduction Following to our test of the Rohde & Schwarz ETH encryption device in April 28 the European Advanced Networking Test
More informationAn illustration of a company transforming to complete data security in 15 minutes
Network Security Best Practices: 15 Minutes to Complete Data Protection An illustration of a company transforming to complete data security in 15 minutes Table of Contents Table of Contents... 2 Protecting
More informationAstaro Deployment Guide High Availability Options Clustering and Hot Standby
Connect With Confidence Astaro Deployment Guide Clustering and Hot Standby Table of Contents Introduction... 2 Active/Passive HA (Hot Standby)... 2 Active/Active HA (Cluster)... 2 Astaro s HA Act as One...
More information