Using Carrier Ethernet to Create Cost Effective and Secure Wide Area Networks How Layer 2 Encryption Enables Better Use of Bandwidth.
|
|
- Victoria Payne
- 8 years ago
- Views:
Transcription
1 White Paper Using Carrier Ethernet to Create Cost Effective and Secure Wide Area Networks How Layer 2 Encryption Enables Better Use of Bandwidth Sherman Schlar Schlar Consulting Group April 2010 Schlar Consulting Group 21 Garland Road West Hartford, CT USA Study sponsored by:
2 Table of Contents Executive Summary... 3 Introduction... 3 Carrier Ethernet Networks... 4 Carrier Ethernet Networks and High Speed Highway Systems... 4 Secure Carrier Ethernet Networks... 5 General Approaches to Network Security... 5 Carrier Ethernet s Rise in Popularity... 5 Ethernet Encryption... 6 Topologies... 7 The Need for Encryption... 7 Encryption as Applied to Carrier Networks... 8 Layer 2 Encryption... 9 Layer 3 Encryption... 9 Best Practices and Applications Summary Thales Datacryptor About the Author About Thales Schlar Consulting Group Page 2
3 Executive Summary As government and corporate network traffic continues to increase and new applications such as video conferencing and collaboration have gone mainstream, IT managers are challenged to keep up with these demands while maintaining reasonable operating costs. This problem is particularly apparent in wide area networks (WANs) due to the high cost and limited bandwidth associated with legacy private connections. Many of today s aging private networks are no longer able to meet traffic demands, so migration to higher capacity transport services are often provisioned to resolve this issue. A number of leading network service providers now offer innovative Carrier Ethernet network services which deliver high speed WAN connectivity at affordable rates. These Ethernet-based services integrate easily with existing local area network (LAN) topologies and equipment, making their economic and technical advantages attractive to enterprise customers. According to a recent report issued by the Insight Research Corporation 1, these services are one of the fastest growing segments of the telecom market and are experiencing annual growth rates of around 30 per cent. While end-to-end Ethernet data transport offers tremendous advantages to the enterprise, the service offerings are not inherently secure. Government organizations and enterprises must remain vigilant in maintaining network security when selecting a shared public Carrier Ethernet service. Several different approaches to network-based encryption have emerged that successfully address this need. This paper addresses the concerns often expressed by Chief Information Officers (CIOs), Chief Information Security Officers (CSIOs), and network architects when faced with balancing cost and risks associated with data transport over shared infrastructures. The focus of this paper is on how network encryption can be combined with Carrier Ethernet services to build scalable and secure high performance WANs that meet current and future customer demands. Introduction Today s cost conscious businesses and corporations are continually looking for ways to improve the efficiency and performance of their IT infrastructure while simultaneously controlling costs. For companies with multiple locations or geographically dispersed facilities, recurring wide area data and voice network costs are major components in their overall IT budget, often amounting to tens or hundreds of thousands of dollars per month. While many businesses still rely on traditional leased line networks for their wide area data and voice networking, the bandwidth and performance of these legacy networks are no longer adequate to meet the needs of most businesses. Through unplanned growth cycles and ad hoc network installations, many enterprises still maintain separate voice, data, and video networks. Many of these companies have come to realize that the bandwidth, equipment, and support costs associated with 1 Schlar Consulting Group Page 3
4 maintaining separate networks make this un-architected approach a poor choice and are turning to new Ethernet services to consolidate their infrastructure end-to-end. While offering tremendous operational advantages, Carrier Ethernet as a shared service exposes data to an environment that is more vulnerable to interception and compromise. As a result, finding and applying technologies to mitigate these risks is imperative in order to take full advantage of these new data transport options available to the enterprise customer. Carrier Ethernet Networks Recent innovations in carrier-based WANs have created several attractive alternatives to dedicated or leased line, Asynchronous Transfer Mode (ATM), and Frame Relay services among others. For the purpose of this paper, we ll refer to the new carrier-based WANs as Carrier Ethernet, but commercially, the offerings are marketed under a variety of different names, including WAN Ethernet, End-to-End Ethernet, Metro Ethernet, and Ethernet Private Line (EPL). These services operate over shared optical backbones and are available in the U.S. and globally from a variety of leading service providers. All offer affordable high performance LAN or near-lan speed wide area connectivity and connect directly to conventional Ethernet routers and switches, making them easy to install, configure, and maintain. At the low end, services typically start at bandwidths of 10 Mbits/second extending up to 10 Gbits/second. These network services also support a variety of network topologies, including point-to-point, multipoint, hub and spoke, and mesh. Scalable bandwidth is also available, so network capacity across these links can be easily provisioned as traffic increases. Carrier Ethernet Networks and High Speed Highway Systems One way to understand how Ethernet LANs and Carrier Ethernet WANs seamlessly work together is with an analogy to the local and high-speed road system. In the early twentieth century, cities and towns across developing nations had their own network of paved local roads. Using this network of roads, drivers could easily travel throughout their neighborhood or across town. Getting out of town, however, was another matter altogether. Not far past city limits, well-paved local roads soon disappeared, replaced by slow and narrow country roads. As a result, long distance intercity travel by automobile was nonexistent and the only feasible alternative was by railroad where available. With the advent of high-speed highways connecting cities within continents, end-to-end automobile travel became possible. A similar analogy holds true when connecting separate Ethernet LANs together with Carrier Ethernet WANs. With end-to-end Ethernet networking, data moves seamlessly across the network at high-speed, linking together all sites with a single, easily managed high performance network. Schlar Consulting Group Page 4
5 Secure Carrier Ethernet Networks Whether using private lines or a Carrier Ethernet service, network security remains a critical priority for the CIO and CISO in the enterprise. Security experts and industry analysts agree that data security is essential to protect sensitive corporate information in any network. We will next focus on the use of Ethernet Layer 2 encryption as the technology of choice for protecting Carrier Ethernet WAN services. General Approaches to Network Security The threats facing today s high-speed networks and corporate computer systems continue to grow at an alarming rate. The Carrier Ethernet s Rise in Popularity The popularity of Carrier Ethernet services is mainly driven by its simplicity and resulting cost-effectiveness. The underlying physical and data links protocols used in these services are transparent to the traffic they support, making them easy to install and configure. To network operations managers, Ethernet WANs look like extended LANs and thus are easy to configure. Numerous prominent customers have effectively deployed these networks in a wide variety of ways over the past five years, validating their performance, capacity, reliability, and economic value. With improvements in network transport, monitoring, and rerouting technologies, network reliability for these services measures up to % availability; enabling them to be used for the most demanding high-reliability applications. To back up reliability claims with verifiable hard numbers, many carriers also offer Quality of Service (QoS) guarantees and Service Level Agreements (SLAs) to their customers, making their offerings exceedingly attractive. motivation behind these threats varies depending on the nature of the application and may be political or economic in nature. Network and computer system break-ins can also be very costly to business. As an example, the industry publication Digital Transactions reported in its July 2009 edition that the average cost of a data breach reached $6.7 million, not including legal or other expenses 2. As networks expand their geographic reach, the number of entry points also increases, further compounding risk. Nationally recognized security agencies like Carnegie Mellon University s Computer Emergency Readiness Team (CERT) 3 and the Federal Government s US-CERT 4 office recommend that companies implement protection strategies on an enterprise wide basis to mitigate risk and protect valuable corporate assets. Protection strategies used in today s highly distributed data processing environment include authentication, physical level security, perimeter security, encryption, network resiliency, and auditing. As recommended by leading security experts and agencies, a comprehensive, multilayered network security Schlar Consulting Group Page 5
6 model has been proven to reduce network vulnerabilities in a cost effective manner. In addition to improving security for distributed LANs and WANs, this multilayer/multizone approach gains strength through the use of multiple intrusion barriers and improved perimeter defenses. This concept of defense in depth increases the level of difficulty and thus lessens the probability of a successful attack. Ethernet Encryption The Ethernet data transmission protocol now used for end-to-end carrier services was originally developed for LANs in the 1980s and was approved as the official IEEE standard by the Institute of Electrical and Electronics Engineers in Over the past several decades, Ethernet has proven itself an extremely scalable and versatile protocol, far outstripping its original 10 Mbit/sec data rate to now run at speeds of 10 Gbit/sec and more. Operating as a data link protocol at Layer 2 of the standards-based Open Systems Interconnect (OSI) protocol stack, Ethernet can run on top of a wide variety of Layer 1 physical media, including copper (wire), optical (fiber), and wireless networks. At a technical level, data is transmitted across an Ethernet network in the form of variable length frames. Each frame contains a short header, a data or payload field, and a short trailer or frame checksum. The header contains both the source and destination address of the frame and is used to deliver the frame to the proper recipient. In unencrypted Ethernet transmission, the data field or payload portion of the frame is sent in human readable clear text. When encryption is used, the Ethernet header will sometimes remain in the clear and only the data field is encrypted. Other Ethernet encryption techniques include bulk and tunnel mode encryption. Bulk modes encrypt the entire Ethernet frame (including the header) and thus are used only for private point-to-point dark fiber circuits. Tunnel modes also encrypt the entire Ethernet frame, but permits routing by adding a new header to each frame. Depending on their application and network topologies, customers will use one of these three general Ethernet encryption methods. Original Ethernet Frame Header Data Payload FCS Clear Header Payload Encryption Header Data Payload FCS Bulk Encryption Header Data Payload FCS Tunnel Encryption New Header Header Data Payload FCS FCS Figure 1. Normal and encrypted Ethernet frames Schlar Consulting Group Page 6
7 Topologies Local Ethernet network segments are connected together by bridges, routers, and switches, which in turn feed other bridges, routers, and switches. Data is transmitted across the network from one end of the network to the other on a hop-by-hop basis. Large networks comprised of routers and switches can be arranged in a variety of layouts or topologies. In the WAN, common Ethernet topologies include point-topoint, star, and multipoint (also known as fully-meshed) networks. Figure 2. Point-to-point, star, and fully meshed topologies In addition to cost and network resiliency, the choice of network topology has a direct bearing on the higher layer application traffic, performance characteristics, and capacity of the network. Traffic on a network can include voice, data, file transfer, and video: each has its own unique flow characteristics and requirements. For example, Voice over IP (VoIP) phone calls are sent across the network in small size packets. Since the human ear is sensitive to voice timing fluctuations, network delay or latency affecting the flow of these packets greatly impacts the quality of voice communications. Although the bandwidth consumed by a single voice call is low, the performance of the network is still important. Data traffic, on the other hand, can be more tolerant to latencies, but large file transfers such as those employed for disaster recovery replication, are generally bandwidth intensive. Video streams combining images and voice are also latency-sensitive and consume much more bandwidth than voice. The Need for Encryption In today s security conscious corporate environments, network encryption has become an absolute requirement. As more and more data is used to conduct daily operations and IT environments have become more distributed, the exposure level has thus increased. Securing the confidentiality and integrity of data is critically important in order to safeguard privacy, protect against fraud, and comply with growing government and industry regulations. In the United States, strict federal regulations governing these concerns include the Federal Information Security Management Act (FISMA), the Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley (SOX), and others covering encryption for private information and healthcare data. Schlar Consulting Group Page 7
8 Similar regulations like the Gramm-Leach-Bliley Act (GLBA) and the Payment Card Industry Data Security Standard (PCI DSS) apply to the financial services industry. Internationally, equivalent sets of data security standards include the European Union Data Protection Directive (EUDPD), Canada s Personal Information Protection and Electronics Document Act (PIPEDA), and the Basel Accords, issued by the Basel Committee on Banking Supervision. These strict regulations reinforce the fact that the implications of a security breach can be severe on multiple fronts. The sheer cost of recovering lost data and records, lost organizational productivity due to system outages, and fines for the release of sensitive personal information can easily cost millions of dollars. Equally burdensome legal expenses and damage to corporate reputations further compound these major expenses. Encryption as Applied to Carrier Networks Network-based encryption has been used for many years and can be applied at different layers in the OSI protocol stack. Most commonly, this is done at either Layer 2 or Layer 3, although some protocols like Secure Socket Layer (SSL) provide encryption at a higher layer. In a Carrier Ethernet network, encryption is done at the edge of the WAN network and can be performed at either Layer 2 or Layer 3. The value of doing lower layer encryption is that all network traffic is encrypted; and therefore there is no need to finetune encryption parameters for each type of protocol or application. Another significant benefit is the fact that this gives the customer control over their own network security and key management, allowing them to use their internal security staff and thus maintain full independence from the carrier. As previously stated, there are several forms of encryption typically used for carrier networks, each with their own merits and deficiencies. Layer 7 Application Layer 6 Presentation Layer 5 Session Layer 4 Transport Layer 3 Network Layer 2 Data Layer 1 Physical Layer 7 Application Layer 6 Presentation Layer 5 Session Layer 4 Transport Layer 3 Network Layer 2 Data Layer 1 Physical Figure 3. Layer 2 vs. Layer 3 encryption (OSI model) Schlar Consulting Group Page 8
9 Layer 2 Encryption To reach the level of performance needed to run at Gigabit Ethernet data rates, Layer 2 encryption is generally done in hardware, offering significant benefits including: The ability to run at full wire or optical fiber data rates, up to 10 Gbits/sec Very low latencies in the order of microseconds with no measureable impact on applications Very low overhead with little or no frame expansion High throughput, even with small frame/packet sizes No affect on the higher layer IP routing network design Because latency-sensitive applications like VoIP and video typically employ short frame/packets, expansion of these thus have a multiplying effect that consumes large amounts of bandwidth. Low overheads offered by Layer 2 encryption also improves throughput and allows for a more effective use of the available bandwidth. Layer 3 Encryption Many routers offer embedded standards-based Layer 3 IP encryption (IPSec). This protocol is commonly used in internal corporate networks (Intranets) to create virtual private networks (VPNs). Although popular, Layer 3 encryption has significant drawbacks, the first being data throughput. IPSec works by appending an additional header to every packet sent across the network. This second packet header can be up to 57 bytes in length, so for short 64 or 128 byte packets (as used for voice), this header can add upwards of 60% of additional overhead to every packet. The result is a dramatic reduction in throughput for small and medium sized packets that, for most companies, comprise the majority of all data traffic. Due to this processing overhead, even full sized 1514 byte packets cannot achieve full wire speed data rates. A second important deficiency with Layer 3 IPSec encryption is increased latency. The internal data path of an IP encryptor and router, for example, is far longer than a comparable line encryption device. Packets enter the switch on a WAN card, get forwarded to the processor card and encryption card, and then pass in the reverse order through all these cards as they leave the router. A similar path is repeated on the receiving end at the decryption device. When using IPSec, the combination of high packet overhead, per packet processing, and inefficient hardware design has been shown to add as much as 50% additional delay to a network. Due to packet fragmentation, latency is also increased for larger sized packets. The latency incurred with IPSec is generally an order of magnitude higher than with Layer 2 encryption making the process increasingly inefficient for today s demanding applications. Schlar Consulting Group Page 9
10 Best Practices and Applications The combination of Carrier Ethernet networks and Layer 2 encryption meets the four most important network objectives of government and enterprise customers: security, high WAN bandwidth, greater geographic reach, and affordability. By employing robust encryption where it best fits within the network, customers can utilize it as an enabling technology that allows them to take advantage of efficient and cost-effective carrier services. Ethernet Layer 2 encryption with robust cryptography using the Advanced Encryption Standard (AES) with 256-bit key lengths not only provides the strongest cipher commercially available to protect the confidentiality and integrity of the data in transit across these networks, but it also enables the customer to be in full control of security, independent of the carrier service. Providing minimum overhead and latency over alternative encryption methods, Ethernet Layer 2 encryption ensures maximum utilization of the bandwidth being purchased and provides a mechanism for compliance with important data security regulations. Some of the more common applications for this combined approach include: Disaster recovery data replication (main site to backup sites) Data center connectivity (multiple processing and storage sites) Secure integrated data, voice, and video Given the large size of today s databases and file storage systems, data replication and remote backup services involving terabyte or petabyte file transfers require large amounts of wide area bandwidth. The scalable bandwidth and high-speed 10 Gbit/sec connectivity offered by Carrier Ethernet networks is ideal for this application. Similar high bandwidth applications like disaster recovery and business continuity benefit from this approach. Transaction focused financial services and banking industries also gain from the performance and security available with this technology. Summary As new bandwidth-intensive applications emerge and the volume of corporate data continues to grow at an unprecedented rate, many corporations are looking to Thales Datacryptor Thales offers a leading Layer 2 encryption solution. The Datacryptor Ethernet Layer 2 encryption platforms are built specifically for the highbandwidth and low latency needs of government and enterprise customers. The family of stand-alone, hardwarebased encryptors is available in a variety of models addressing speeds from 10 Mbit/sec to 10 Gbit/sec pointto-point and multipoint networks. As legacy data, voice, and video networks converge onto a single high-speed common backbone, Carrier Ethernets offer an excellent mix of flexibility, scalability, wide domestic or international reach, high availability, and affordability. Thales Datacryptors can help customers secure these carrier services in a variety of ways to match a customer s existing WAN topologies. upgrade or replace their existing networks. Businesses, however, must balance their need for high performance solutions with the equally important criteria of security and affordability. For government and Schlar Consulting Group Page 10
11 enterprise organizations with large WANs, the shift away from privately owned and managed facilities towards the use of Carrier Ethernet end-to-end services is well underway. Although geographic network expansion increases exposure, security risks can be mitigated with the use of strong encryption technologies. Customers are advised to follow the recommendations of leading security agencies and adopt comprehensive, multi-tiered approach to security. CIOs, CISOs, and Network Architects should consider the use of Carrier Ethernet networks and Layer 2 Ethernet encryption as part of their overall corporate networking strategy. By providing the advantages outlined herein, Layer 2 encryption can allow users to fully experience the benefits and cost-effectiveness of end-to-end Ethernet connectivity by securely maximizing the use of available bandwidth. About the Author Sherman Schlar is an independent industry consultant and 30-year veteran of the data networking, streaming video, and videoconferencing industries. His background includes systems engineering, Quality Assurance testing, DoD security validation, product certification, and product management. During his long career, he managed one of world s largest private packet switched networks and has worked closely with major domestic carriers as well as leading European carriers and service providers in England, France, and Germany. Sherman is the author of a best selling book on the X.25 protocol as well as numerous trade magazine articles, white papers, and technical bulletins. His current interests include desktop video and collaboration platforms as well as the use of corporate broadband and social networks to conserve energy and enhance productivity and educational effectiveness. He is the President of the Schlar Consulting Group ( and resides in West Hartford, Connecticut. About Thales Thales is one of the world leaders in the provision of information and communication systems security solutions for government, defense, critical infrastructure operators, enterprises, and the finance industry. Thales unique position in the market is due to its end-to-end security offering spanning the entire value chain in the security domain. The comprehensive offering includes architecture design, security and encryption product development, evaluation and certification preparation, and through-life management services. Thales has an unrivalled 40-year track record of protecting information ranging from sensitive but unclassified up to top secret, as well as a comprehensive portfolio of security products and services, including network security products, application security products, and secured telephony products. To learn more, please visit Schlar Consulting Group Page 11
MPLS: Key Factors to Consider When Selecting Your MPLS Provider Whitepaper
MPLS: Key Factors to Consider When Selecting Your MPLS Provider Whitepaper 2006-20011 EarthLink Business Page 1 EXECUTIVE SUMMARY Multiprotocol Label Switching (MPLS), once the sole domain of major corporations
More informationWHITEPAPER MPLS: Key Factors to Consider When Selecting Your MPLS Provider
WHITEPAPER MPLS: Key Factors to Consider When Selecting Your MPLS Provider INTRODUCTION Multiprotocol Label Switching (MPLS), once the sole domain of major corporations and telecom carriers, has gone mainstream
More informationMPLS/IP VPN Services Market Update, 2014. United States
MPLS/IP VPN Services Market Update, 2014 United States August 2014 Contents Section Slide Numbers Executive Summary 4 Market Overview & Definitions 8 Drivers & Restraints 14 Market Trends & Revenue Forecasts
More informationSafeNet Network Encryption Solutions Safenet High-Speed Network Encryptors Combine the Highest Performance With the Easiest Integration and
SafeNet Network Encryption Solutions Safenet High-Speed Network Encryptors Combine the Highest Performance With the Easiest Integration and Management SafeNet Network Encryption and Isolation Solution
More informationVirtual Privacy vs. Real Security
Virtual Privacy vs. Real Security Certes Networks at a glance Leader in Multi-Layer Encryption Offices throughout North America, Asia and Europe Growing installed based with customers in 37 countries Developing
More informationWAN and VPN Solutions:
WAN and VPN Solutions: Choosing the Best Type for Your Organization xo.com WAN and VPN Solutions: Choosing the Best Type for Your Organization WAN and VPN Solutions: Choosing the Best Type for Your Organization
More informationNovember 2013. Defining the Value of MPLS VPNs
November 2013 S P E C I A L R E P O R T Defining the Value of MPLS VPNs Table of Contents Introduction... 3 What Are VPNs?... 4 What Are MPLS VPNs?... 5 What Are the Benefits of MPLS VPNs?... 8 How Do
More informationBusiness Continuity and Disaster Recovery Solutions in Government
> Business Continuity and Disaster Recovery Solutions in Government Protecting Critical Data Flow for Uninterrupted Services WHITE PAPER January 2010 J. Asenjo, CISSP www.thalesgroup.com/iss Information
More informationMaking the Case for Satellite: Ensuring Business Continuity and Beyond. July 2008
Making the Case for Satellite: Ensuring Business Continuity and Beyond July 2008 Ensuring Business Continuity and Beyond Ensuring business continuity is a major concern of any company in today s technology
More informationHow Proactive Business Continuity Can Protect and Grow Your Business. A CenturyLink White Paper
How Proactive Business Continuity Can Protect and Grow Your Business For most companies, business continuity planning is instantly equated with disaster recovery the reactive ability of a business to continue
More informationMulti-protocol Label Switching
An INS White Paper Multi-protocol Label Switching An economic way to deliver integrated voice, video and data traffic March 2013 Run your business on one network Multi-protocol Label Switching (MPLS) is
More informationSolutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance
White Paper Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance Troy Herrera Sr. Field Solutions Manager Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA
More informationBest Practices: The Key Things You Need to Know Now About Secure Networking Layer 1 (SONET), Layer 2 (ATM), and Layer 3 (IP) Encryption Technologies
Best Practices: The Key Things You Need to Know Now About Secure Networking Layer 1 (SONET), Layer 2 (ATM), and Layer 3 (IP) Encryption Technologies Reaching a Balance Between Communications and Security
More informationETHERNET WAN ENCRYPTION SOLUTIONS COMPARED
HERN WAN ENCRYPTION SOLUTIONS COMPARED KEY WORDS AND TERMS MACsec, WAN security, WAN data protection, MACsec encryption, network data protection, network data security, high-speed encryption, Senetas,
More informationUnderstanding the Value of MPLS Ethernet Encryption
White Paper Understanding the Value of MPLS Ethernet Encryption By Jon Oltsik March, 2010 This ESG White Paper was commissioned by Thales e-security and is distributed under license from ESG. 2010, Enterprise
More information1.264 Lecture 37. Telecom: Enterprise networks, VPN
1.264 Lecture 37 Telecom: Enterprise networks, VPN 1 Enterprise networks Connections within enterprise External connections Remote offices Employees Customers Business partners, supply chain partners Patients
More informationFrame Relay vs. IP VPNs
Contents: The Case for Frame Relay The Case for IP VPNs Conclusion Frame Relay vs. IP VPNs 2002 Contents: Table of Contents Introduction 2 Definition of Terms 2 Virtual Privacy and 3 the Value of Shared
More informationMPLS: Key Factors to Consider When Selecting Your MPLS Provider
White paper MPLS: Key Factors to Consider When Selecting Your MPLS Provider New Edge Networks June 2008 New Edge Networks 3000 Columbia House Blvd. Vancouver, WA 98661 360-693-9009 1-866-636-EDGE www.newedgenetworks.com
More informationCommunication Networks. MAP-TELE 2011/12 José Ruela
Communication Networks MAP-TELE 2011/12 José Ruela Network basic mechanisms Introduction to Communications Networks Communications networks Communications networks are used to transport information (data)
More informationTechnical papers Virtual private networks
Technical papers Virtual private networks This document has now been archived Virtual private networks Contents Introduction What is a VPN? What does the term virtual private network really mean? What
More informationethernet services for multi-site connectivity security, performance, ip transparency
ethernet services for multi-site connectivity security, performance, ip transparency INTRODUCTION Interconnecting three or more sites across a metro or wide area network has traditionally been accomplished
More informationWHATARETHEKEYBENEFITS OFMPLSTECHNOLOGY?
WHATARETHEKEYBENEFITS OFMPLSTECHNOLOGY? CHOOSINGTHERIGHTWIDEAREANETWORKSOLUTION FORYOURMULTI-LOCATIONENTERPRISE ExecutiveBrief P a g e 1 Executive Brief What are the Key Benefits of MPLS Technology? Choosing
More informationPreparing Your IP network for High Definition Video Conferencing
White Paper Global Services April 2007 Table of Contents 1.0 OVERVIEW...3 2.0 VIDEO CONFERENCING BANDWIDTH DEMAND...3 3.0 AVAILABLE BANDWIDTH...5 3.1 Converged Network Links... 6 3.2 Dedicated Network
More informationPreparing Your IP Network for High Definition Video Conferencing
WHITE PAPER Preparing Your IP Network for High Definition Video Conferencing Contents Overview...3 Video Conferencing Bandwidth Demand...3 Bandwidth and QoS...3 Bridge (MCU) Bandwidth Demand...4 Available
More informationHow To Get More Bandwidth From Your Business Network
Choosing Ethernet Services IS ETHERNET THE RIGHT CHOICE FOR YOUR NETWORK? Business Ethernet Including Ethernet over Copper (EoC) and Ethernet over Digital Signal Cross-connect (EoDSx) Delivers Cost- Effective,
More informationBest Effort gets Better with MPLS. Superior network flexibility and resiliency at a lower cost with support for voice, video and future applications
Best Effort gets Better with MPLS Superior network flexibility and resiliency at a lower cost with support for voice, video and future applications A White Paper on Multiprotocol Label Switching October,
More informationAPPLICATION NOTE. Benefits of MPLS in the Enterprise Network
APPLICATION NOTE Benefits of MPLS in the Enterprise Network Abstract As enterprises evolve to keep pace with the ever-changing business climate, enterprises networking needs are becoming more dynamic.
More informationMANAGEMENT INFORMATION SYSTEMS 8/E
MANAGEMENT INFORMATION SYSTEMS 8/E Raymond McLeod, Jr. and George Schell Chapter 10 Data Communications Copyright 2001 Prentice-Hall, Inc. 10-1 Objectives Understand data communication basics. Know the
More informationThe WestNet Advantage: -- Textbooks, ebooks, ecourses -- Instructor Resourse Center -- Student Resource Center
The WestNet Advantage: -- Textbooks, ebooks, ecourses -- Instructor Resourse Center -- Student Resource Center The entire cost of the program is funded by the textbook, ebook or ecourse purchase by your
More informationnwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.
CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such
More informationEVALUATING NETWORKING TECHNOLOGIES
WHITE PAPER EVALUATING NETWORKING TECHNOLOGIES CONTENTS EXECUTIVE SUMMARY 01 NETWORKS HAVE CHANGED 02 Origin of VPNS Next-generation VPNS TODAY S CHOICES 04 Layer 3 VPNS Layer 2 VPNS MAKING YOUR DECISION
More informationLayer 2 Network Encryption where safety is not an optical illusion Marko Bobinac SafeNet PreSales Engineer
Layer 2 Network Encryption where safety is not an optical illusion Marko Bobinac SafeNet PreSales Engineer Layer 2 Network Encryption where safety is not an optical illusion Todays Agenda Fibre is safe
More informationChapter 5. Data Communication And Internet Technology
Chapter 5 Data Communication And Internet Technology Purpose Understand the fundamental networking concepts Agenda Network Concepts Communication Protocol TCP/IP-OSI Architecture Network Types LAN WAN
More informationEthernet is service provider terms can be delivered from speeds starting from 1mb all the way up to 1Gb+.
Carrier Ethernet vs. (Standard) Ethernet The Ethernet Evolution. The Basics What is Ethernet? Ethernet (technical term is IEEE 802.3) has set the standard in how service providers connect customers to
More informationMastering Network Design with MPLS
Mastering Network Design with MPLS Overview In this paper, enterprise CIOs, IT&T professionals and network architects will learn how to improve productivity and security by designing multi-location Virtual
More informationSingTel MPLS. The Great Multi Protocol Label Switching (MPLS) Migration
SingTel MPLS The Great Multi Protocol Label Switching (MPLS) Migration SingTel MPLS The Great MPLS Migration There are now a variety of alternatives when it comes to connecting multiple sites with WAN
More informationThe Business Case for Ethernet Services Whitepaper Sponsored by Time Warner Cable Business Class
The Business Case for Ethernet Services Whitepaper Sponsored by Time Warner Cable Business Class Executive Summary Network-based applications such as Voice over IP (VoIP), cloud, collaboration services
More informationNATIONAL RESEARCH AGENCY CASE STUDY - CCTV NETWORK SERVICES
NATIONAL RESEARCH AGENCY CASE STUDY - CCTV NWORK SERVICES A Major CCTV network and surveilance services provider chose Senetas certified high-speed encryptors to protect European law enforcement CCTV network
More informationPrimary Data Center. Remote Data Center Plans (COOP), Business Continuity (BC), Disaster Recovery (DR), and data
White Paper Storage Extension Network Solutions Between Data Centers Simplified, Low Cost, Networks for Storage Replication, Business Continuity and Disaster Recovery TODAY S OPERATING CLIMATE DEMANDS
More informationWHY CHOOSE COX BUSINESS FOR YOUR COMPANY S NETWORK SERVICE NEEDS?
WHY CHOOSE COX BUSINESS FOR YOUR COMPANY S NETWORK SERVICE NEEDS? This document provides an overview of the Cox Business portfolio of business networking services and explains why customers should consider
More informationBusiness Services. Is Ethernet the Right Choice for Your Network? Learn More: Call us at 877.634.2728. www.megapath.com
Business Services Is Ethernet the Right Choice for Your Network? Learn More: Call us at 877.634.2728. www.megapath.com Is Ethernet the Right Choice for Your Network? Business Ethernet including Ethernet
More informationEvolving Your Network with Metro Ethernet and MPLS VPNs
Evolving Your Network with Metro Ethernet and MPLS VPNs Change is a constant in enterprise networking and the axiom definitely holds true when considering wide-area connectivity options. Experienced IT
More informationComputer Networking Networks
Page 1 of 8 Computer Networking Networks 9.1 Local area network A local area network (LAN) is a network that connects computers and devices in a limited geographical area such as a home, school, office
More informationThe role of encryption in securing data centre connectivity
> The role of encryption in securing data centre connectivity www.thalesgroup.com/iss >> Contents Introduction... 3 A growing dependence... 4 Key issues and challenges in protecting data in transit...
More informationHow To Secure My Data
How To Secure My Data What to Protect??? DATA Data At Rest Data at Rest Examples Lost Infected Easily Used as Backup Lent to others Data Corruptions more common Stolen Left at airports, on trains etc Hard
More informationHigh speed Ethernet WAN: Is encryption compromising your network?
High speed Ethernet WAN: Is encryption compromising your network? Trademark: 2010 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet. All other product names
More informationOptimizing Networks for NASPI
Optimizing Networks for NASPI Scott Pelton, CISSP National Director AT&T Enterprise Network Architecture Center 2008 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks
More informationMulti Protocol Label Switching (MPLS) is a core networking technology that
MPLS and MPLS VPNs: Basics for Beginners Christopher Brandon Johnson Abstract Multi Protocol Label Switching (MPLS) is a core networking technology that operates essentially in between Layers 2 and 3 of
More informationWHITEPAPER. VPLS for Any-to-Any Ethernet Connectivity: When Simplicity & Control Matter
WHITEPAPER VPLS for Any-to-Any Ethernet Connectivity: When Simplicity & Control Matter The Holy Grail: Achieving Simplicity and Control in the IT Infrastructure Today s Information Technology decision-makers
More informationLocal Area Networks (LANs) Blueprint (May 2012 Release)
Local Area Networks (LANs) The CCNT Local Area Networks (LANs) Course April 2012 release blueprint lists the following information. Courseware Availability Date identifies the availability date for the
More informationLecture 1. Lecture Overview. Intro to Networking. Intro to Networking. Motivation behind Networking. Computer / Data Networks
Lecture 1 An Introduction to Networking Chapter 1, pages 1-22 Dave Novak BSAD 146, Introduction to Networking School of Business Administration University of Vermont Lecture Overview Brief introduction
More informationTelecom Applications:
Wireless Broadband: As the global economy continues to expand, so does the demand for information. This information needs to be abundant, diversified, instant, scattered and mobile, all at the same time.
More informationENTERPRISE CONNECTIVITY
ENTERPRISE CONNECTIVITY IP Services for Business, Governmental & Non-Governmental Organizations The success of today s organizations and enterprises highly depends on reliable and secure connectivity.
More information10 Gigabit Ethernet: Scaling across LAN, MAN, WAN
Arasan Chip Systems Inc. White Paper 10 Gigabit Ethernet: Scaling across LAN, MAN, WAN By Dennis McCarty March 2011 Overview Ethernet is one of the few protocols that has increased its bandwidth, while
More informationBest practices for protecting network data
Best practices for protecting network data A company s value at risk The biggest risk to network security is underestimating the threat to network security. Recent security breaches have proven that much
More informationThe Evolution of Ethernet
June 2010 White Paper The Evolution of Ethernet How Ethernet solutions, such as NTT America s VLink, can help businesses reduce private networking costs while leveraging Ethernet technology. Introduction
More informationThe term Virtual Private Networks comes with a simple three-letter acronym VPN
Application Brief Nortel Networks Virtual Private Networking solutions for service providers Service providers addressing the market for Virtual Private Networking (VPN) need solutions that effectively
More informationApplication Note License-Exempt Gigabit Ethernet Microwave Radio Applications
Application Note License-Exempt Gigabit Ethernet Microwave Radio Applications Applicable Products: EX-5r GigE, EX-5r-c GigE Introduction The accelerated growth of fixed and mobile wireless broadband services
More informationVPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu
VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining
More informationIVCi s IntelliNet SM Network
IVCi s IntelliNet SM Network Technical White Paper Introduction...2 Overview...2 A True ATM Solution End to End...2 The Power of a Switched Network...2 Data Throughput:...3 Improved Security:...3 Class
More informationGlobal Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com
Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com W H I T E P A P E R F l e x i b l e N e t w o r k - B a s e d, E n t e r p r i s e - C l a s s I P
More informationHow to cut communications costs by replacing leased lines and VPNs with MPLS
in association with How to cut communications costs by replacing leased lines and VPNs with MPLS March 09 End of the line for leased lines and IPSec VPNs as MPLS comes of age Contents Executive summary
More informationVoice over IP Networks: Ensuring quality through proactive link management
White Paper Voice over IP Networks: Ensuring quality through proactive link management Build Smarter Networks Table of Contents 1. Executive summary... 3 2. Overview of the problem... 3 3. Connectivity
More informationConverged TDM and IP- Based Broadband Solutions White Paper. OnSite OS-10 Multi-Service over SDH Provisioning
Converged TDM and IP- Based Broadband Solutions White Paper OnSite -10 Multi-Service over SDH Provisioning Copyright Copyright 2009, Patton Electronics Company. All rights reserved. Printed in the USA.
More informationAssessing Telehealth Operational and Technology Security Risks to Privacy
Assessing Telehealth Operational and Technology Security Risks to Privacy Prepared by the Center for Telehealth University of New Mexico Health Sciences Center July 2003 INTRODUCTION The purpose of this
More informationWAN Technology. Heng Sovannarith heng_sovannarith@yahoo.com
WAN Technology Heng Sovannarith heng_sovannarith@yahoo.com Introduction A WAN is a data communications network that covers a relatively broad geographic area and often uses transmission facilities provided
More informationDeploying Firewalls Throughout Your Organization
Deploying Firewalls Throughout Your Organization Avoiding break-ins requires firewall filtering at multiple external and internal network perimeters. Firewalls have long provided the first line of defense
More informationFibre Channel Overview of the Technology. Early History and Fibre Channel Standards Development
Fibre Channel Overview from the Internet Page 1 of 11 Fibre Channel Overview of the Technology Early History and Fibre Channel Standards Development Interoperability and Storage Storage Devices and Systems
More informationUniversal Network Access Policy
Universal Network Access Policy Purpose Poynton Workmens Club makes extensive use of network ed Information Technology resources to support its research and administration functions and provides a variety
More informationAddressing Inter Provider Connections With MPLS-ICI
Addressing Inter Provider Connections With MPLS-ICI Introduction Why migrate to packet switched MPLS? The migration away from traditional multiple packet overlay networks towards a converged packet-switched
More informationBuilding integrated services intranets
Building integrated services intranets A White Paper from Inalp Networks Inc Meriedweg 7 CH-3172 Niederwangen Switzerland http://www.inalp.com CONTENTS CONTENTS...2 1 EXECUTIVE SUMMARY...3 2 INTRODUCTION...4
More informationETHERNET ENCRYPTION MODES TECHNICAL-PAPER
1 ETHERNET ENCRYPTION MODES TECHNICAL-PAPER The CN series encryption platform is designed to secure information transmitted over a number of network protocols. The CN series encryptors secure Ethernet
More informationSecure Network Design: Designing a DMZ & VPN
Secure Network Design: Designing a DMZ & VPN DMZ : VPN : pet.ece.iisc.ernet.in/chetan/.../vpn- PPTfinal.PPT 1 IT352 Network Security Najwa AlGhamdi Introduction DMZ stands for DeMilitarized Zone. A network
More informationLeased-Line Replacement. Utilizing gigabit wireless links to provide fiber-like performance at significant savings compared to leased lines.
Leased-Line Replacement Utilizing gigabit wireless links to provide fiber-like performance at significant savings compared to leased lines. Leased-Line Replacement When considering high-bandwidth connections
More informationHow To Deliver High Quality Telephony Over A Network
Voice over Application Note Telephony Service over Satellite January 2012 Data Sells but Voice Pays In the early years of the industry, networks were deployed primarily for telephony services. As time
More informationTrustNet CryptoFlow. Group Encryption WHITE PAPER. Executive Summary. Table of Contents
WHITE PAPER TrustNet CryptoFlow Group Encryption Table of Contents Executive Summary...1 The Challenges of Securing Any-to- Any Networks with a Point-to-Point Solution...2 A Smarter Approach to Network
More informationManaged Services: Taking Advantage of Managed Services in the High-End Enterprise
Managed Services: Taking Advantage of Managed Services in the High-End Enterprise What You Will Learn This document explores the challenges and solutions for high-end enterprises using managed services.
More informationChapter 9A. Network Definition. The Uses of a Network. Network Basics
Chapter 9A Network Basics 1 Network Definition Set of technologies that connects computers Allows communication and collaboration between users 2 The Uses of a Network Simultaneous access to data Data
More informationSupporting Server Consolidation Takes More than WAFS
Supporting Server Consolidation Takes More than WAFS October 2005 1. Introduction A few years ago, the conventional wisdom was that branch offices were heading towards obsolescence. In most companies today,
More informationChapter 2 - The TCP/IP and OSI Networking Models
Chapter 2 - The TCP/IP and OSI Networking Models TCP/IP : Transmission Control Protocol/Internet Protocol OSI : Open System Interconnection RFC Request for Comments TCP/IP Architecture Layers Application
More informationRohde & Schwarz R&S SITLine ETH VLAN Encryption Device Functionality & Performance Tests
Rohde & Schwarz R&S Encryption Device Functionality & Performance Tests Introduction Following to our test of the Rohde & Schwarz ETH encryption device in April 28 the European Advanced Networking Test
More informationNavigating to MPLS-Enabled Networks: The Search for Security, Flexibility and Simplicity
AT&T s 4 POINTSOF CONVERGENCE Navigating to MPLS-Enabled Networks: The Search for Security, Flexibility and Simplicity AT&T s Four Points of Convergence Business leaders are quickly recognizing that a
More informationHow To Find A Vpn Wan Solution
Sorting Out the Alphabet Soup of VPN Solutions A practical approach to assessing WAN technologies that support your distributed organization s diverse needs Get Started Now: 877.611.6342 to learn more.
More informationThe Keys for Campus Networking: Integration, Integration, and Integration
The Keys for Campus Networking: Introduction Internet Protocol (IP) is considered the working-horse that the vast majority of current and future applications use as the key technology for information exchange,
More informationDeploying a Secure Wireless VoIP Solution in Healthcare
Deploying a Secure Wireless VoIP Solution in Healthcare Situation Healthcare is a natural environment for wireless LAN solutions. With a large mobile population of doctors, nurses, physician s assistants
More informationSecure networks are crucial for IT systems and their
ISSA The Global Voice of Information Security Network Security Architecture By Mariusz Stawowski ISSA member, Poland Chapter Secure networks are crucial for IT systems and their proper operation. Essential
More informationMPLS in Private Networks Is It a Good Idea?
MPLS in Private Networks Is It a Good Idea? Jim Metzler Vice President Ashton, Metzler & Associates March 2005 Introduction The wide area network (WAN) brings indisputable value to organizations of all
More informationA Business Guide to MPLS IP VPN Migration:
A Business Guide to MPLS IP VPN Migration: Five Critical Factors xo.com A Business Guide to MPLS IP VPN Migration: Five Critical Factors Contents Abstract 3 Introduction 4 The Evolving Needs of Today s
More informationThe Role of Carrier Ethernet in Business Applications
The Role of Carrier Ethernet in Business Applications Examining the Choices for your Business Applications February 2012 Positioning Paper Page 1 of 11 Table of Contents 1 Introduction... 3 2 Characteristics
More informationData Communication Networks and Converged Networks
Data Communication Networks and Converged Networks The OSI Model and Encapsulation Layer traversal through networks Protocol Stacks Converged Data/Telecommunication Networks From Telecom to Datacom, Asynchronous
More informationPortable Wireless Mesh Networks: Competitive Differentiation
Portable Wireless Mesh Networks: Competitive Differentiation Rajant Corporation s kinetic mesh networking solutions combine specialized command and control software with ruggedized, high-performance hardware.
More informationWAN. Introduction. Services used by WAN. Circuit Switched Services. Architecture of Switch Services
WAN Introduction Wide area networks (WANs) Connect BNs and LANs across longer distances, often hundreds of miles or more Typically built by using leased circuits from common carriers such as AT&T Most
More informationYour Wide Area Network Just Got a Whole Lot Wider.
Your Wide Area Network Just Got a Whole Lot Wider. Rely on XO for networking solutions that will enhance your business today and tomorrow. Contact your local XO sales representative or visit us at www.xo.com
More informationLoopStar 700. Next Generation Ethernet Access and Transport Solutions
LoopStar 700 Next Generation Ethernet Access and Transport Solutions The LoopStar 700 Product Family The LoopStar 700 product family delivers all efficiently consolidate all services onto a the features
More informationconvergence: preparing the enterprise network
hp procurve networking business january 2003 convergence: preparing the enterprise network business white paper protecting investments with the hp procurve adaptive EDGE architecture table of contents
More informationUsing & Offering Wholesale Ethernet Network and Operational Considerations
White Paper Using and Offering Wholesale Ethernet Using & Offering Wholesale Ethernet Network and Operational Considerations Introduction Business services customers are continuing to migrate to Carrier
More informationSecuring Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc.
Securing Modern Substations With an Open Standard Network Security Solution Kevin Leech Schweitzer Engineering Laboratories, Inc. Copyright SEL 2009 What Makes a Cyberattack Unique? While the resources
More informationTCP/IP Network Communication in Physical Access Control
TCP/IP Network Communication in Physical Access Control The way it's done: The security industry has adopted many standards over time which have gone on to prove as solid foundations for product development
More informationDraft ITU-T Recommendation X.805 (Formerly X.css), Security architecture for systems providing end-to-end communications
Draft ITU-T Recommendation X.805 (Formerly X.css), architecture for systems providing end-to-end communications Summary This Recommendation defines the general security-related architectural elements that
More informationDynamic Verizon Ethernet Solutions for the Extended Manufacturing Enterprise
executive brief: data networking Dynamic Verizon Ethernet Solutions for the Extended Manufacturing Enterprise Executive Summary Comprised of both internal and external organizations, including a company
More information