LAYER 1 & LAYER 2 ENCRYPTION WHY: ONE SIZE DOES NOT FIT ALL
|
|
- Josephine Gilmore
- 8 years ago
- Views:
Transcription
1 LAYER 1 & LAYER 2 ENCRYPTION WHY: ONE SIZE DOES NOT FIT ALL GIVEN ON 4/28/2015 Todd Bundy Director of Global Business Development ADVA Optical Networking tbundy@advaoptical.com Internet2
2 Why Encryption at L1 and L2? "What last year's revelations showed us was irrefutable evidence that unencrypted communications on the internet are no longer safe. Any communications should be encrypted by default Edward Snowden - Guardian Interview, Moscow July 2014 [ 2 ] 2015 Internet2
3 Data Center Environment & Security APPS APPS
4 Data Center Environment & Security Physical Access to the Data Center APPS APPS
5 Data Center Environment & Security Hardware Security APPS APPS
6 Data Center Environment & Security Software Security APPS APPS
7 Data Center Environment & Security and what about the Fiber Connection? APPS APPS
8 Fiber Optic Networks Tapping Possibilities Street cabinet Where to get access? Splice boxes / cassettes (Outdoor / Inhouse) How to get access? Y-Bridge for service activities Fiber Coupling device There are multiple ways to access fiber
9 The World s 1 st 100G Encryption Demo Video Video XG-210 Local Sender Optic Coupler Remote Receiver XG TCE-AES100G 10TCE-AES100G 4CSM 4CSM CLI CLI Intermediate Hacker Video? XG210 10TCE-AES100G 4CSM & EDFA VGC CLI
10 Comparison: Layer 1 & 2 solutions Requirement* IPSec* MACSec*(L2)* MACSec+*(L2)* Layer*1** Complexity+&+Cost+ high+ low+ low+ low+ Latency++ high+ low+ low+ extremely+low+ Deployment+ no+dedicated+ end8to8end+ connec9vity++ hop8to8hop+only++ security+risk+ end to end++ end8to8end+ Data+Throughput+ low+ medium+ medium+ 100%+ Protocol+Transparency++ low+ medium+ medium+ high+ Flexible+Encrypted+Payload+ Size+ restricted++ restricted++ (standard+mac+size)+ restricted++ (9600B+MTU+size)+ End to End+Compa9bility++ IP+only+ layer+2+only+ VLAN+bypass+ 1G+ +100G+ Fiber/OTN++ SONET/SDH+ Flexibility+(Meshed)+ high+ low+ medium+ low+
11 High Speed Encryption Modes Point-to-Point, Protocol/ I/F agnostic (ETH, FC/IB, Sonet/SDH) Integrated Solution with lowest latency encrypted Bulk Mode (0 Bytes) DA SA S-TAG C-TAG Etype Payload FCS Hop-by-Hop only Pure Ethernet based Overhead increase End-to-End PtP or Multi-Point Pure Ethernet based Overhead increase MACsec +32 Bytes encrypted DA SA SecTAG S-TAG C-TAG Etype Payload ICV FCS authenticated prosec +32 Bytes encrypted DA SA S-TAG SecTAG C-TAG Etype Payload ICV FCS authenticated authenticated Bandwidth constraints IP VPN Services Huge overhead IPsec ESP-AES-256 ESP-SHHA-HMAC +73 Bytes encrypted DA SA S-TAG C-TAG Etype IPsec ESP IV Payload Trailer Auth FCS authenticated
12 Encryption Performance Comparison of Maximum Throughput (3000) Throughput+ Framesize+/+Bytes+
13 Optical transmission security Speed of Encryption xwdm based Encryption Router Site A WAN Site B Router Ethernet based Encryption IPsec based Encryption FC based Encyption FC Switch WDM-transport Router Site A Site B FC/IP FC Switch Router FC Switch WDM-transport Site A WAN WAN Site B WDM-transport FC Switch Router FC/IP FC Switch Router WDM-transport FC Switch Speed, throughput and simplicity Flexibility and complexity [ 13 ]
14 L1 Encryption Solution Highest level of security Speed - Low Latency 100% Throughput Protocol and data rate agnostic Operational Simplicity Encryption at the lowest possible layer
15 Data Center Connectivity - Dark Fiber Connect Guard Optical layer 1 encryption Applications Protocols Data Mirroring Remote Backup GDPS Snapshot Server Clustering Site A Site B 4/8/10/16G Fibre Channel Mainframe Storage Server Protocol agnostic native transport of all data over single color. 16G Fibre Channel with future 32GFC increases real throughput. Long list of certifications and partners. 1/10/40/100G Ethernet SDR/DDR/QDR FDR/FDR-10 InfiniBand FICON Maximum security and lowest latency.
16 Encryption over WDM 10GbE, 16G FC, 40GbE, 100GbE Services Network & Crypto Manager Site B Site A WDM Network LAN SAN Legacy LAN SAN Legacy Multi rate Multi rate 10TCE-PCN-16GU+AES100G 10TCE-PCN-16GU+AES100G
17 Business continuity example-sync Data Center Site-A Servers/mainframes Fiber 0-200km Intermediate Site-B Sync Mirror Servers/mainframes Director F S P WDM F S P WDM Director DISK (primary) NMS Synchronous operation: Local transaction will only complete when remote transaction completes Tape vault DISK (secondary)
18 Layer 1 Encryption Large enterprises e.g. Financials upgrading their infrastructure to layer 1 encryption between their DCs. We believe that Cloud SPs will benefit from the same methodology. Layer 1 encryption will motivate large enterprise to move into the Cloud. 3,830 x 10G equivalent encrypted links in operation 61% Finance (70 customers) 10% Cloud SPs (18 customers) 9% Government (16 customers) 6% Healthcare ( 8 customers) 5% Utilities ( 9 customers)
19 Verticals & Cloud Service Providers use of L1 Encryption Finance latency & security sensitive Government security sensitive HealthCare Encryption security & cost is important sensitive Utility latency & security sensitive Internet Economy scalability & cost sensitive for all industries Private Cloud - BC & DR - lowest latency - secure LAN/SAN/WAN Dynamic Hybrid Cloud - BC & DR (on & off premises) - lowest latency - secure LAN/SAN/WAN Public Cloud - XaaS - Internet connect
20 Use Cases: Marist IBM ADVA SDN LAB Bandwidth calendaring Cloud bursting Cloud DC Private Datacenters Workload balancing Secure multi-tenancy Load Load Tenant 1 Tenant 2 Transactional nature of DC-to-DC traffic (bulk data transfers) offers opportunities for optical bandwidth-on-demand.
21 Combined sync/async scenario - Data center site-a Servers/ Mainframes Director F S P WDM 0-200km Fiber Intermediate site-b Sync Mirror Servers/Mainframes F S P WDM FC/IP Gateway s km Carrier Network FC/IP Director Gateway F S P F S P CLOUD DR site-c Ohio Async Mirror Servers/ Mainframes DISK (primary) DISK (secondary) Tape vault DISK (third Copy) Asynchronous operation: No specific link between completion of a local and remote transaction
22 Encryption over L1 Carrier Networks 1GbE & 10GbE Services Network & Crypto Manager Site B Site A LAN LAN OTN Network Carrier Managed Service n*1gbe, 10GbE n*1gbe, 10GbE 5TCE-PCN-AES 5TCE-PCN-AES
23 L2 Encryption Solution [ 23 ]
24 ConnectGuard secure connectivity on all layers Branch C LAN up+to+1gbit+ 100 Gbit/s Bandwidth 1.5 Mbit/s LAN Branch A Branch B LAN LAN LAN SAN Cluster Main Office up+to+1gbit+ >+100Mbit+ >+10Gbit+ >+100Gbit+ up+to+1gbit+ >+100Mbit+ >+10Gbit+ >+100Gbit+ HQ LAN LAN SAN Cluster
25 MACsec slide with cloud Site B LAN LAN Site A Site C LAN
26 prosec slide with cloud Site B LAN LAN Site A Site C LAN
27 prosec capabilities IEEE+802.1AE82006+compliant+ w/+gcm8aes8128+cipher+suite+ Secure multipoint services NID Encryption Point VID10 SecTAG VID10 CE IEEE+802.1AEbn82011+compliant+ w/+gcm8aes8256+cipher+suite++ Packet+number+genera9on+and+ checking++ CE Sensitive data to/from branch 1 VID10 Sensitive data to/from branch 2 VID20 UBS hub site Encryption Point VID10 SecTAG VID20 SecTAG NID VID10 SecTAG Carrier Network VID20 SecTAG NID UBS branch #1 Encryption Point VID20 VID20 SecTAG UBS branch #2 CE Advanced*MACsec*transforma?on*with*single/dual*VLAN*bypass* Supports+point8to8point+secure+connec9vity++ Works+in+conjunc9on+with+ADVA+Security+Associa9on+Protocol+(SAP)+for+the+ distribu9on+of+the+cryptographic+keys+
28 Encryption Management & Operations [ 28 ]
29 Data Center Networks Encryption Management for Private Networks Scenario 1 - User of encryption is the operator of equipment LAN EM or LCT/CLI DCN NM Server NM Clients 3 rd Party NE 3 rd Party NE Crypto Manager running on NM
30 Data Center Networks Encryption Management for Private Networks Scenario 2 - Encryption user does not own the network LAN WWW. NM Server NM Clients GUI Server running NM client apps DCN Customer A 3 rd Party NE 3 rd Party NE Crypto Manager running on GUI Server
31 Crypto Management Management Levels Provided Operational management Deals with all operational aspects (FCAPS) User access is handled on the NCU Security management Control of all security relevant activities Separated from operational management Access control handling on the AES Muxponder not on the NCU Security relevant activities are performed using the security relevant credentials ROOT users have no access to security management
32 SUMMARY! Large Data Centers users will migrate certain workloads to the Cloud to take advantage of the latest technologies at affordable costs.! Security of their Data is the No.1 concern.! Layer 1 Encryption is their solution of choice that does not impact performance or latency supports the latest Data Center protocols is easy to manage and operate! Layer 2 Encryption with MACSec+ innovation Enhances deployment flexibility at lower cost Reduces complexity legacy plus Cloud This is what we offer to large enterprises and Cloud Service Providers.
33 Backup slides
34 Management Security Authentication - RADIUS server Centralized password and user management User-access logging Access to the system/ncu - Secure shell and SNMPv3 Full management encryption Embedded Craft Terminal communication based on HTTPS or SSH or SNMPv3 Firmware and database updates via SCP User tracking Security inside Network Manager Corba/TLS for Client-Server communication Northbound I/F: XML/HTTPS, SCP/SSH Filtered network views via Service Manager All user information in NM database is encrypted RADIUS client F S P F S P F S P Local administration RADIUS server Operator via SSH (Secure Shell)
35 Crypto Officer on Network Manager Crypto Manager launched for dedicated service
36 Crypto Manager
37 Crypto Manager for Data Services Encryption can be managed in different ways - based on the usage scenario: Management via LCT/CLI: Encryption user has direct access (serial/telnet/https) to the equipment Encryption management as separate management area inside LCT/CLI (separate encryption user and operational user access) Every security relevant command inside LCT/CLI has to be confirmed with the crypto officer password Management via NM/SM/Crypto Manager Crypto Manager allows graphical management of encryption parameters Each change of parameters inside Crypto Manager must be confirmed with Crypto Officer password Combination with Service Manager enables operator to give limited network view to encryption user so that he only sees/manages his own services Service Manager/Crypto Manager can run in virtualized environment (CITRIX) to keep customer behind firewall
38 3000 Security Suite Benefits for Enterprise customers Helps to effectively protect critical information Superior low-latency performance Enables compliance with laws and regulations for Carriers and Service Providers Attract new customers in key verticals Differentiate service offering and increase margins Enable new encryption service offering through separate transmission and encryption management
Crypto WDM Surprise! Ari Salomaa, ADVA Finland @Trex, June 9, 2014
Crypto WDM Surprise! Ari Salomaa, ADVA Finland @Trex, June 9, 2014 Security & Encryption in Optical Transmission Ari Salomaa, ADVA Finland @Trex, June 9, 2014 Why? When you transport information optically
More informationVirtualized Converged Data Centers & Cloud how these trends are effecting Optical Networks
Virtualized Converged Data Centers & Cloud how these trends are effecting Optical Networks Todd Bundy Director, Global Alliances-Enterprise ADVA Optical Networking tbundy@advaoptical.com 203-746-8060 Connecting
More informationMarker Drivers and Requirements. Encryption and QKD. Enterprise Connectivity Applications
Marker Drivers and Requirements for Encryption and QKD in Enterprise Connectivity Applications Christian Illmer September 2009 ADVA Optical Networking ADVA is a leading global provider of xwdm optical
More informationOptical Networks for Next Generation Disaster Recovery Networking Solutions with WDM Systems Cloud Computing and Security
Optical Networks for Next Generation Disaster Recovery Networking Solutions with WDM Systems Cloud Computing and Security By Andrew MacKay, Chief Technology Officer, Superna www.superna.net Legacy Data
More informationPrimary Data Center. Remote Data Center Plans (COOP), Business Continuity (BC), Disaster Recovery (DR), and data
White Paper Storage Extension Network Solutions Between Data Centers Simplified, Low Cost, Networks for Storage Replication, Business Continuity and Disaster Recovery TODAY S OPERATING CLIMATE DEMANDS
More informationNATIONAL RESEARCH AGENCY CASE STUDY - CCTV NETWORK SERVICES
NATIONAL RESEARCH AGENCY CASE STUDY - CCTV NWORK SERVICES A Major CCTV network and surveilance services provider chose Senetas certified high-speed encryptors to protect European law enforcement CCTV network
More informationETHERNET WAN ENCRYPTION SOLUTIONS COMPARED
HERN WAN ENCRYPTION SOLUTIONS COMPARED KEY WORDS AND TERMS MACsec, WAN security, WAN data protection, MACsec encryption, network data protection, network data security, high-speed encryption, Senetas,
More informationIn-Flight Encryption. Jim Theodoras. Feb 2014
In-Flight Encryption Jim Theodoras Feb 2014 OSI Model 7 6 5 Top of Stack Application Presentation Session Data 4 Transport Layer TCP, UDP Segments 3 Network Layer IP/MPLS Packets 2 Data Link MAC Frames
More informationDATA CENTER INTERCONNECT SICHERER UND FLEXIBLER DATENAUSTAUSCH ZWISCHEN RECHENZENTREN COPYRIGHT 2014 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
DATA CENTER INTERCONNECT SICHERER UND FLEXIBLER DATENAUSTAUSCH ZWISCHEN RECHENZENTREN AGENDA 1. Key Feature learning's from ancient Greece? 2. User challenges to be addressed for IT, Data Centre and Cloud
More informationBIG DATA TRANSPORT. Innovative Data Center Connectivity
3 BIG DATA TRANSPORT Innovative Data Center Connectivity 2 Data Center Interconnection The last decade has witnessed the rise of social networks, over the top media distribution, mobile overtaking fixed
More informationIP Storage On-The-Road Seminar Series
On-The-Road Seminar Series Disaster Recovery and Data Protection Page 1 Agenda! The Role of IP in Backup!Traditional use of IP networks for backup! backup capabilities! Contemporary data protection solutions
More informationHigh Speed Encryption Made in Germany
High Speed Encryption Made in Germany Today s Trends in Network Encryption 2 Today s Trends in Network Encryption Contents Background ATMedia GmbH Why Encryption? Which Encryption? How to deploy Encryption
More informationEnhanced Security in Data Center Connectivity
May 2012 Enhanced Security in Data Center Connectivity Innovation from ADVA and IBM Network Integration Services ADVA and IBM Alliance: Solution Brief 2 Your Optical Network Becomes a Strategic Asset The
More informationLayer 2 Network Encryption where safety is not an optical illusion Marko Bobinac SafeNet PreSales Engineer
Layer 2 Network Encryption where safety is not an optical illusion Marko Bobinac SafeNet PreSales Engineer Layer 2 Network Encryption where safety is not an optical illusion Todays Agenda Fibre is safe
More informationDATA CENTER INTERCONNECT MARKET TRENDS AND REQUIREMENTS THE IMPACT OF MARKET TRENDS ON DATA CENTER INTERCONNECT FOR LARGE ENTERPRISES
DATA CENTER INTERCONNECT MARKET TRENDS AND REQUIREMENTS THE IMPACT OF MARKET TRENDS ON DATA CENTER INTERCONNECT FOR LARGE ENTERPRISES STRATEGIC WHITE PAPER The enterprise data center interconnect (DCI)
More informationHow To Create A Large Enterprise Cloud Storage System From A Large Server (Cisco Mds 9000) Family 2 (Cio) 2 (Mds) 2) (Cisa) 2-Year-Old (Cica) 2.5
Cisco MDS 9000 Family Solution for Cloud Storage All enterprises are experiencing data growth. IDC reports that enterprise data stores will grow an average of 40 to 60 percent annually over the next 5
More informationSecurity Configuration Guide P/N 300-010-493 Rev A05
EMC VPLEX Security Configuration Guide P/N 300-010-493 Rev A05 June 7, 2011 This guide provides an overview of VPLEX security configuration settings, including secure deployment and usage settings needed
More informationSoftware Defined Networking Real World Use Cases (Test bed at Marist/IBM)
Software Defined Networking Real World Use Cases (Test bed at Marist/IBM) Todd Bundy Director Business Development, ADVA Optical Networking tbundy@advaoptical.com Our Students, Our Future Benjamin Carle
More informationSuccessfully Delivering Multiple Leased Line, Cloud and Storage Connectivity solutions on a Common Optical Platform
Successfully Delivering Multiple Leased Line, Cloud and Storage Connectivity solutions on a Common Optical Platform Steve Blew Surf Telecoms Commercial Strategy & Development Manager Neil Sugden Transmode
More informationADVA Optical Networking, IBM, Juniper, Level3 Impact of Cloud on Carrier Networks
ADVA Optical Networking, IBM, Juniper, Level3 Impact of Cloud on Carrier Networks PTC 12 Harnessing Disruption: Roundtable 3: The Impact of Data Center Convergence, Virtualization and Cloud on DWDM optical
More informationSoftware Defined Networking - Real World Use Cases (Test bed at Marist/IBM)
Software Defined Networking - Real World Use Cases (Test bed at Marist/IBM) Our speakers today Todd Bundy Director Global Alliances, ADVA Optical Networking tbundy@advaoptical.com Joe Weinman SVP, Cloud
More informationThe Future of Storage Area Network
The Future of Area Network Henry Yang McDATA Corporation 4 McDATA Parkway, Broomfield CO 80021-5060 Phone: +1-720-558-4418 FAX: +1-720-558-4849 E-mail: Henry.Yang@McDATA.com Presented at the THIC Meeting
More informationOptimal. Data Center Connect (DCC) STRATEGIC WHITE PAPER
Optimal Solutions for Data Center Connect (DCC) STRATEGIC WHITE PAPER Table of contents / 1 Data center evolution / 2 Why DWDM transport for DCC? / 4 The Alcatel-Lucent 1830 PSS: The leading DWDM solution
More informationManaged Services The. The Road to Revenue. Pravin Mahajan pmahajan@cisco.com. Session Number Presentation_ID
Managed Services The The Road to Revenue Pravin Mahajan pmahajan@cisco.com Session Number 1 Agenda Managed Services Introduction Solution Offerings Market to Services Mapping Summary 2 High Business Interest
More informationDEVELOPING A STRATEGIC APPROACH TO DATA CENTER NETWORKING
DEVELOPING A STRATEGIC APPROACH TO DATA CENTER NETWORKING Executive Summary Data center networking presents many challenges in terms of supporting cost-effective, reliable, and high-performance services
More informationCisco Wide Area Application Services Optimizes Application Delivery from the Cloud
Cisco Wide Area Application Services Optimizes Application Delivery from the Cloud What You Will Learn The adoption of cloud-based computing and applications promises to improve the agility, efficiency,
More informationVolume Replication INSTALATION GUIDE. Open-E Data Storage Server (DSS )
Open-E Data Storage Server (DSS ) Volume Replication INSTALATION GUIDE Enterprise-class Volume Replication helps ensure non-stop access to critical business data. Open-E DSS Volume Replication Open-E Data
More informationAssignment # 1 (Cloud Computing Security)
Assignment # 1 (Cloud Computing Security) Group Members: Abdullah Abid Zeeshan Qaiser M. Umar Hayat Table of Contents Windows Azure Introduction... 4 Windows Azure Services... 4 1. Compute... 4 a) Virtual
More informationSAN/iQ Remote Copy Networking Requirements OPEN iscsi SANs 1
SAN/iQ Remote Copy Networking Requirements OPEN iscsi SANs 1 Application Note: SAN/iQ Remote Copy Networking Requirements SAN/iQ Remote Copy provides the capability to take a point in time snapshot of
More informationCisco Active Network Abstraction Gateway High Availability Solution
. Cisco Active Network Abstraction Gateway High Availability Solution White Paper This white paper describes the Cisco Active Network Abstraction (ANA) Gateway High Availability solution developed and
More informationValue Proposition for Data Centers
Value Proposition for Data Centers C ollocation or a trend of hosting customers servers at a provider s physical location has been steadily growing in the recent years due to its many benefits. The collocation
More informationAvaya TM G700 Media Gateway Security. White Paper
Avaya TM G700 Media Gateway Security White Paper March 2002 G700 Media Gateway Security Summary With the Avaya G700 Media Gateway controlled by the Avaya S8300 or S8700 Media Servers, many of the traditional
More informationAvaya G700 Media Gateway Security - Issue 1.0
Avaya G700 Media Gateway Security - Issue 1.0 Avaya G700 Media Gateway Security With the Avaya G700 Media Gateway controlled by the Avaya S8300 or S8700 Media Servers, many of the traditional Enterprise
More informationData Replication INSTALATION GUIDE. Open-E Data Storage Server (DSS ) Integrated Data Replication reduces business downtime.
Open-E Data Storage Server (DSS ) Data Replication INSTALATION GUIDE Integrated Data Replication reduces business downtime. Open-E DSS Data Replication Open-E Data Server Storage (DSS) offers enterprise-class
More informationNetwork Services Internet VPN
Contents 1. 2. Network Services Customer Responsibilities 3. Network Services General 4. Service Management Boundary 5. Defined Terms Network Services Where the Customer selects as detailed in the Order
More informationWAN Failover Scenarios Using Digi Wireless WAN Routers
WAN Failover Scenarios Using Digi Wireless WAN Routers This document discusses several methods for using a Digi wireless WAN gateway to provide WAN failover for IP connections in conjunction with another
More informationLab 4.4.8a Configure a Cisco GRE over IPSec Tunnel using SDM
Lab 4.4.8a Configure a Cisco GRE over IPSec Tunnel using SDM Objective Scenario Topology In this lab, the students will complete the following tasks: Prepare to configure Virtual Private Network (VPN)
More informationCloud Security Best Practices
Cloud Security Best Practices Cohesive Networks - your applications secured VNS3 security and connectivity solutions protect cloud-based applications from exploitation by hackers, criminal gangs, and foreign
More informationAmazon Cloud Storage Options
Amazon Cloud Storage Options Table of Contents 1. Overview of AWS Storage Options 02 2. Why you should use the AWS Storage 02 3. How to get Data into the AWS.03 4. Types of AWS Storage Options.03 5. Object
More informationL2 Box. Layer 2 Network encryption Verifiably secure, simple, fast.
L2 Box Layer 2 Network encryption Verifiably secure, simple, fast. reliable line encryption. Nowadays internal and confidential data is exchanged between locations or computer centres of public authorities
More informationSoftware Defined Networking Real World Use Cases (Test bed at Marist/IBM)
Software Defined Networking Real World Use Cases (Test bed at Marist/IBM) Todd Bundy Director Business Development, ADVA Optical Networking tbundy@advaoptical.com Our Students, Our Future Benjamin Carle
More informationIntroduction to Computer Security
Introduction to Computer Security Network Security Pavel Laskov Wilhelm Schickard Institute for Computer Science Circuit switching vs. packet switching OSI and TCP/IP layered models TCP/IP encapsulation
More informationEnterprise Data. Achieving versatility and scale
Enterprise Data Center Connect Achieving versatility and scale Strategic White Paper When choosing the best technology and the right products to meet their connect (DCC) networking requirements, enterprises
More informationLAYER 2 ENCRYPTORS METRO AND CARRIER ETHERNET METROS AND WIDE AREA NETWORKS ETHERNET ENCRYPTION FOR PRESENTS:
PRESENTS: LAYER 2 ENCRYPTORS FOR METRO AND CARRIER ETHERNET METROS AND WIDE AREA NETWORKS ETHERNET ENCRYPTION INTRODUCTION: PROTECTING VIRTUAL PRIVATE NETWORKS AND LAN EXTENSIONS: LAYER 2 VS. LAYER 3 Version
More informationVPLS lies at the heart of our Next Generation Network approach to creating converged, simplified WANs.
Virtual Private LAN Service (VPLS) A WAN that thinks it s a LAN. VPLS is a high security, low latency means to connect sites or services either point-to-point or as a mesh. We use Virtual Private LAN Service
More informationLayer 2 Encryption Fortifying data transport
autumn meeting 2014 Layer 2 Encryption Fortifying data transport Christian Zank n Cube Optics AG n October 2, 2014 Need for Encryption? n 50.000 network intrusions detected every day Cisco 2013 n Data
More informationSILVER PEAK ACCELERATION WITH EMC VSPEX PRIVATE CLOUD WITH RECOVERPOINT FOR VMWARE VSPHERE
VSPEX IMPLEMENTATION GUIDE SILVER PEAK ACCELERATION WITH EMC VSPEX PRIVATE CLOUD WITH RECOVERPOINT FOR VMWARE VSPHERE Silver Peak Abstract This Implementation Guide describes the deployment of Silver Peak
More informationWAN Optimization. Riverbed Steelhead Appliances
WAN Optimization Riverbed Steelhead Appliances Steelhead appliances deliver the highest performance and the most scalable wide-area data services solution available, overcoming both bandwidth and latency
More informationHP LeftHand SAN Solutions
HP LeftHand SAN Solutions Support Document Application Notes SAN/iQ Remote Copy Networking Requirements Legal Notices Warranty The only warranties for HP products and services are set forth in the express
More informationNovember 2013. Defining the Value of MPLS VPNs
November 2013 S P E C I A L R E P O R T Defining the Value of MPLS VPNs Table of Contents Introduction... 3 What Are VPNs?... 4 What Are MPLS VPNs?... 5 What Are the Benefits of MPLS VPNs?... 8 How Do
More informationIN CONTROL AT LAYER 2: A TECTONIC SHIFT IN NETWORK SECURITY.
IN CONTROL AT LAYER 2: A TECTONIC SHIFT IN NWORK SECURITY. WHO SHOULD READ THIS WHITE-PAPER: NWORK ARCHITECTS / MANAGERS, DATA SECURITY MANAGERS, CIOs, CSOs. EXECUTIVE SUMMARY Network hacking and corporate
More informationEonStor DS remote replication feature guide
EonStor DS remote replication feature guide White paper Version: 1.0 Updated: Abstract: Remote replication on select EonStor DS storage systems offers strong defense against major disruption to IT continuity,
More informationNET ACCESS VOICE PRIVATE CLOUD
Page 0 2015 SOLUTION BRIEF NET ACCESS VOICE PRIVATE CLOUD A Cloud and Connectivity Solution for Hosted Voice Applications NET ACCESS LLC 9 Wing Drive Cedar Knolls, NJ 07927 www.nac.net Page 1 Table of
More informationMigration and Building of Data Centers in IBM SoftLayer with the RackWare Management Module
Migration and Building of Data Centers in IBM SoftLayer with the RackWare Management Module June, 2015 WHITE PAPER Contents Advantages of IBM SoftLayer and RackWare Together... 4 Relationship between
More informationData Compression and Deduplication. LOC 2010 2010 Cisco Systems, Inc. All rights reserved.
Data Compression and Deduplication LOC 2010 2010 Systems, Inc. All rights reserved. 1 Data Redundancy Elimination Landscape VMWARE DeDE IBM DDE for Tank Solaris ZFS Hosts (Inline and Offline) MDS + Network
More informationAll Fibers Lead to Data Centers
shaping tomorrow with you All Fibers Lead to s With the recent explosive growth of video streaming, social media, and cloud-based services, a large portion of Internet traffic either comes from data centers
More informationTimePictra Release 10.0
DATA SHEET Release 100 Next Generation Synchronization System Key Features Web-based multi-tier software architecture Comprehensive FCAPS management functions Software options for advanced FCAPS features
More informationBest Practice and Deployment of the Network for iscsi, NAS and DAS in the Data Center
Best Practice and Deployment of the Network for iscsi, NAS and DAS in the Data Center Samir Sharma, Juniper Networks Author: Samir Sharma, Juniper Networks SNIA Legal Notice The material contained in this
More informationAffording the Upgrade to Higher Speed & Density
Affording the Upgrade to Higher Speed & Density Ethernet Summit February 22, 2012 Agenda VSS Overview Technology Q&A 2 Corporate Overview World Leader in Network Intelligence Optimization Deployed in 80%
More informationTruffle Broadband Bonding Network Appliance
Truffle Broadband Bonding Network Appliance Reliable high throughput data connections with low-cost & diverse transport technologies PART I Truffle in standalone installation for a single office. Executive
More informationEdgewater Routers User Guide
Edgewater Routers User Guide For use with 8x8 Service May 2012 Table of Contents EdgeMarc 250w Router Overview.... 3 EdgeMarc 4550-15 Router Overview... 4 Basic Setup of the 250w, 200AE1 and 4550... 5
More informationVirtual Privacy vs. Real Security
Virtual Privacy vs. Real Security Certes Networks at a glance Leader in Multi-Layer Encryption Offices throughout North America, Asia and Europe Growing installed based with customers in 37 countries Developing
More informationIssue December 2004. SAN Interworking. Contents
F SAN Interworking Issue December 2004 Contents 1. Introduction 2 2. Global scenarios 2 2.1 Interworking between SAN islands 2 2.2 Connections over large distances 2 2.3 TCP/IP networks for block-oriented
More information10 Gigabit Ethernet: Scaling across LAN, MAN, WAN
Arasan Chip Systems Inc. White Paper 10 Gigabit Ethernet: Scaling across LAN, MAN, WAN By Dennis McCarty March 2011 Overview Ethernet is one of the few protocols that has increased its bandwidth, while
More informationDeploying 10/40G InfiniBand Applications over the WAN
Deploying 10/40G InfiniBand Applications over the WAN Eric Dube (eric@baymicrosystems.com) Senior Product Manager of Systems November 2011 Overview About Bay Founded in 2000 to provide high performance
More informationEnterprises have turned to cloud-based applications
JULY 2014 THE STATE OF Data Center Networking The Cloud Effect on Data Center Networking Enterprise IT departments are seeking highperformance connections to data centers for mission-critical, cloud-based
More informationConstruction of High-speed and High-reliability Optical Networks for Social Infrastructure
Hitachi Review Vol. 59 (Feb. 2010) 1 Construction of High-speed and High-reliability Optical Networks for Social Infrastructure Ryosuke Nishino Hideaki Tsushima, Dr. Eng. Eisuke Sato Shinsuke Tanaka OVERVIEW:
More informationSoftware-Defined Networks Powered by VellOS
WHITE PAPER Software-Defined Networks Powered by VellOS Agile, Flexible Networking for Distributed Applications Vello s SDN enables a low-latency, programmable solution resulting in a faster and more flexible
More informationLinkProof And VPN Load Balancing
LinkProof And Load Balancing Technical Application Note May 2008 North America Radware Inc. 575 Corporate Dr. Suite 205 Mahwah, NJ 07430 Tel 888 234 5763 International Radware Ltd. 22 Raoul Wallenberg
More informationEdgewater Routers User Guide
Edgewater Routers User Guide For use with 8x8 Service Version 1.0, March 2011 Table of Contents EdgeMarc 200AE1-10 Router Overview...3 EdgeMarc 4550-15 Router Overview...4 Basic Setup of the 200AE1 and
More informationOptimal Network Connectivity Reliable Network Access Flexible Network Management
Aggregating Links For Maximum Performance Optimal Network Connectivity Reliable Network Access Flexible Network Management Enterprises are increasingly relying on the internet for delivery of critical
More informationCisco Application Networking Manager Version 2.0
Cisco Application Networking Manager Version 2.0 Cisco Application Networking Manager (ANM) software enables centralized configuration, operations, and monitoring of Cisco data center networking equipment
More informationTITANXR Multi-Switch Management Software
TITANXR Multi-Switch Management Software Centralized management of APCON network monitoring switches Features Centralized APCON system management View status and alerts Configurable Dashboards Monitor
More informationCarrier/WAN SDN. SDN Optimized MPLS Demo
Carrier/WAN SDN SDN Optimized MPLS Demo Problem Statement! Service Providers around the world have large investments in highly sophisticated and feature rich IP/MPLS network infrastructures for providing
More informationHow To Connect To Bloomerg.Com With A Network Card From A Powerline To A Powerpoint Terminal On A Microsoft Powerbook (Powerline) On A Blackberry Or Ipnet (Powerbook) On An Ipnet Box On
Transport and Security Specification 15 July 2015 Version: 5.9 Contents Overview 3 Standard network requirements 3 Source and Destination Ports 3 Configuring the Connection Wizard 4 Private Bloomberg Network
More informationVPN. VPN For BIPAC 741/743GE
VPN For BIPAC 741/743GE August, 2003 1 The router supports VPN to establish secure, end-to-end private network connections over a public networking infrastructure. There are two types of VPN connections,
More informationHigh Performance Cloud Connect and DCI Solution at Optimum Cost
High Performance Cloud Connect and DCI Solution at Optimum Cost Chandra Shekhar Pandey VP PLM Platform Solutions BTI Systems San Jose, CA USA February 2012 1 Cloud Connect /DCI Solution Cloud Connect/DCI
More informationUsing LISP for Secure Hybrid Cloud Extension
Using LISP for Secure Hybrid Cloud Extension draft-freitasbellagamba-lisp-hybrid-cloud-use-case-00 Santiago Freitas Patrice Bellagamba Yves Hertoghs IETF 89, London, UK A New Use Case for LISP It s a use
More informationWAN Optimization Integrated with Cisco Branch Office Routers Improves Application Performance and Lowers TCO
WAN Optimization Integrated with Cisco Branch Office Routers Improves Application Performance and Lowers TCO The number of branch-office work sites is increasing, so network administrators need tools to
More informationWhite Paper Technology Review
White Paper Technology Review iscsi- Internet Small Computer System Interface Author: TULSI GANGA COMPLEX, 19-C, VIDHAN SABHA MARG, LUCKNOW 226001 Uttar Pradesh, India March 2004 Copyright 2004 Tata Consultancy
More informationUniversal Network Access Policy
Universal Network Access Policy Purpose Poynton Workmens Club makes extensive use of network ed Information Technology resources to support its research and administration functions and provides a variety
More informationHow To Secure My Data
How To Secure My Data What to Protect??? DATA Data At Rest Data at Rest Examples Lost Infected Easily Used as Backup Lent to others Data Corruptions more common Stolen Left at airports, on trains etc Hard
More informationFlexible SDN Transport Networks With Optical Circuit Switching
Flexible SDN Transport Networks With Optical Circuit Switching Multi-Layer, Multi-Vendor, Multi-Domain SDN Transport Optimization SDN AT LIGHT SPEED TM 2015 CALIENT Technologies 1 INTRODUCTION The economic
More informationCCNA Security 1.1 Instructional Resource
CCNA Security 1.1 Instructional Resource Chapter 8 Implementing Virtual Private Networks 2012 Cisco and/or its affiliates. All rights reserved. 1 Describe the purpose and types of VPNs and define where
More informationHIGH PERFORMANCE ENCRYPTION SOLUTIONS SECURING CRITICAL NATIONAL INFRASTRUCTURE
HIGH PERFORMANCE ENCRYPTION SOLUTIONS SECURING CRITICAL NATIONAL INFRASTRUCTURE CRITICAL NATIONAL INFRASTRUCTURE The UKs national infrastructure is defined by Government as those facilities, systems, sites
More informationThe Evolution of Ethernet
June 2010 White Paper The Evolution of Ethernet How Ethernet solutions, such as NTT America s VLink, can help businesses reduce private networking costs while leveraging Ethernet technology. Introduction
More informationFibre Channel Overview of the Technology. Early History and Fibre Channel Standards Development
Fibre Channel Overview from the Internet Page 1 of 11 Fibre Channel Overview of the Technology Early History and Fibre Channel Standards Development Interoperability and Storage Storage Devices and Systems
More informationDATA CENTER INTERCONNECT SOLUTIONS FOR LARGE ENTERPRISES MEETING CURRENT AND FUTURE NEEDS FOR ENTERPRISE DATA CENTER INTERCONNECT
DATA CENTER INTERCONNECT SOLUTIONS FOR LARGE ENTERPRISES MEETING CURRENT AND FUTURE NEEDS FOR ENTERPRISE DATA CENTER INTERCONNECT STRATEGIC WHITE PAPER The rapid gains in data center efficiency, the emergence
More informationRisk-Free and Future-Proof Transition to Packet
ElastiGRID for utilities Risk-Free and Future-Proof Transition to Packet In the strategic industries sector, multiple drivers are prompting network modernization: aging legacy networks, SmartGrid, security
More informationFeature Comparison. Windows Server 2008 R2 Hyper-V and Windows Server 2012 Hyper-V
Comparison and Contents Introduction... 4 More Secure Multitenancy... 5 Flexible Infrastructure... 9 Scale, Performance, and Density... 13 High Availability... 18 Processor and Memory Support... 24 Network...
More informationnwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.
CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such
More informationM.Sc. IT Semester III VIRTUALIZATION QUESTION BANK 2014 2015 Unit 1 1. What is virtualization? Explain the five stage virtualization process. 2.
M.Sc. IT Semester III VIRTUALIZATION QUESTION BANK 2014 2015 Unit 1 1. What is virtualization? Explain the five stage virtualization process. 2. What are the different types of virtualization? Explain
More informationIntroduction to Computer Security
Introduction to Computer Security Network Security Pavel Laskov Wilhelm Schickard Institute for Computer Science Circuit switching vs. packet switching OSI and TCP/IP layered models TCP/IP encapsulation
More informationData Center. Security A comprehensive approach to preventing, detecting and mitigating data security risks
Data Center Connect Security A comprehensive approach to preventing, detecting and mitigating data security risks Strategic White Paper Facing increased security threats and new regulations, enterprises
More informationApplication Note License-Exempt Gigabit Ethernet Microwave Radio Applications
Application Note License-Exempt Gigabit Ethernet Microwave Radio Applications Applicable Products: EX-5r GigE, EX-5r-c GigE Introduction The accelerated growth of fixed and mobile wireless broadband services
More informationRuggedCom Solutions for
RuggedCom Solutions for NERC CIP Compliance Rev 20080401 Copyright RuggedCom Inc. 1 RuggedCom Solutions Hardware Ethernet Switches Routers Serial Server Media Converters Wireless Embedded Software Application
More informationLocal Area Networks (LANs) Blueprint (May 2012 Release)
Local Area Networks (LANs) The CCNT Local Area Networks (LANs) Course April 2012 release blueprint lists the following information. Courseware Availability Date identifies the availability date for the
More informationDeploying Riverbed wide-area data services in a LeftHand iscsi SAN Remote Disaster Recovery Solution
Wide-area data services (WDS) Accelerating Remote Disaster Recovery Reduce Replication Windows and transfer times leveraging your existing WAN Deploying Riverbed wide-area data services in a LeftHand iscsi
More informationComputer Networking Networks
Page 1 of 8 Computer Networking Networks 9.1 Local area network A local area network (LAN) is a network that connects computers and devices in a limited geographical area such as a home, school, office
More informationData Replication in Privileged Credential Vaults
Data Replication in Privileged Credential Vaults 2015 Hitachi ID Systems, Inc. All rights reserved. Contents 1 Background: Securing Privileged Accounts 2 2 The Business Challenge 3 3 Solution Approaches
More information