High-speed Encryption from Crypto AG: Secure Communication via Broadband Networks
NETWORK SECURITY Solutions
Digital age: concentrated data flows

All industries depend on being able to transmit and receive data reliably and at ever faster speeds. Easy and, in particular, fast access to information is a major performance criterion in today's communication and knowledge-based society. Data highways form the backbone for all communication. With thousands of broadband connections established around the world every day and the mobile communication market growing unabated, the demand for transmission capacity and higher data rates is naturally growing by leaps and bounds. For example, every laptop or PDA can now communicate over broadband thanks to W-LAN. Also contributing to the broadband boom are professional applications such as the transmission of business conferences by video, the transfer of radar pictures or e-government systems. All these applications generate a flood of data that ultimately has to be carried over the core network.

What does that mean for you as a user?

In broadband data transmission, data generally leave the protected area of the IT infrastructure, e.g. the computing centre of a government ministry, the floor where a diplomatic mission is located, the command post of an army unit or the command centre of a naval base. From this access point, your data is transported unprotected through the core network (Wide Area Network, WAN), because transmission capacity and speed are the top priorities in that network. In other words, core networks, which are typically routed over public land, are designed first for transfer speed and only secondarily for confidentiality.
Completely new magnitudes of risk

Information security impacts the entire society in our information age. Networking is growing at an almost explosive pace among public authorities and in the business world. A central concern is that the entire society has become dependent on what are known as critical national infrastructures as a result. These infrastructures are tangible and IT facilities, networks, services and assets of such importance that disturbances in them have grave ramifications for the health, security or well-being of citizens and the efficient operation of a country's government. They are inherently insecure for technical reasons and also because they are prime targets for attacks. Moreover, all transmission technologies, including fibre optic links, are easy to tap. Realistically, a risk profile should also include potential internal organisational risks such as incorrect operation, misuse, negligence and an underestimation of risks.

However, the information circulating in the networks of presidential offices, government ministries, defence and police organisations or big businesses is highly sensitive. Items of information in this environment qualify as valuables and the risks they are subject to are correspondingly large. Information security in the use of broadband communication is existentially important! Information transferred over broadband networks has to be protected against unauthorised access. There is only one reliable way of doing so, namely to encrypt all transmitted data. It is important that the quality of transmission should not be impaired in any way in the process.
[Figure: The world of broadband communication, showing SatCom, SONET/SDH Network, Leased Line, Fibre Optic Network, DSL, Metro Ethernet Network, Microwave, PDH Network and Fibre Channel Storage Area Network]

Copper cable (DSL, Leased Line)

Copper is the classic medium for transmitting voice and data information. Copper cables also connect users who are far apart geographically. As leased lines, they establish fixed connections yet are virtually routed over public provider networks. Copper is a tried and tested medium of transmission, easy to lay, reliable and cost-effective in operation.

Fibre optic cable

Optical fibre transmits optically coded signals using coherent light. In other words, electrical signals have to be converted to optical ones prior to transmission. Each fibre can achieve an enormous transmission bandwidth if light of different wavelengths is used simultaneously (wavelength-division multiplexing, WDM). Optical fibre is also immune to electromagnetic pulses.

Microwave

Microwave links are especially suitable for communication in difficult terrain (mountains, deserts). As a medium requiring no rights-of-way over land and minimal maintenance costs, microwave is quickly available and cost-effective and offers a relatively large bandwidth. Microwave stations are easy to transport and can quickly be put into operation in open terrain or on buildings, e.g. for local events (conferences, crisis management, etc.) or for tactical missions being carried out by the armed forces.

Satellite links (SatCom)

Satellite links can be established with one or several sequential links over any distance. They are an efficient solution either for stationary applications (e.g. over difficult terrain) or for temporary deployment at sites without adequate infrastructure. Satellites today have achieved practically complete geographic coverage and very high technical availability.

Widespread technologies/protocols

Ethernet: Originally created for local networks, this protocol was further developed and can now be used in global networks for end-to-end data transmission (multipoint included).
SONET/SDH: SDH (Synchronous Digital Hierarchy) is ideal for the high-speed transport of large volumes of data, usually over optical fibre networks. Its tight synchronisation of the rates of transport makes for easy management (extraction and insertion) of the data flows and a high quality of service.

PDH: PDH (Plesiochronous Digital Hierarchy) has been used for years as a tried and tested transport protocol for medium-range performance.

Fibre Channel (FC): Given the threats facing the world today, there is no choice but to transfer important data to decentralised data stores. FC is a modern protocol developed especially for storage area networks (SANs) to provide high-performance point-to-point links. These links typically connect a computing centre with a disaster-recovery computing centre or backup computing centre.
Secure broadband communication: simple, reliable and maintenance-free

Network providers offer a choice of several transport protocols and practically any scalable performance ranges to meet the highly individual needs of users. Each technology has its own strengths and meets different needs. Broadband communication is based on the transport media optic fibre, microwave, copper and satellite links. Crypto AG provides security solutions for all common network technologies, protocols and bandwidths. All of these solutions have two traits in common: they guarantee maximum security and they do not impair transport performance (of up to 10 gigabits per second).

Ethernet Encryption

The Ethernet standard plays a key role in end-to-end networking. Ethernet is frequently the protocol of choice whether data is transported in a local network (LAN), over optical fibre rings in a metropolitan network (MAN) or over long distances in a wide area network (WAN). Ethernet, once a local data transport technology, is now being applied to the whole range of applications from LAN to WAN without a change of protocol. This trend is evident today in the broad, interoperable product portfolio of everything from PC cards to network components from many manufacturers of Ethernet solutions. With this broad pool of expertise, it is much easier for users to optimise their use of network services by prioritising individual services and to set up operations that are more efficient.

SONET/SDH Encryption

Logical links are set up between network subscribers in a SONET/SDH network consisting of intermeshed nodes. Bit rates are internationally standardised, facilitating the transport of the most diverse mix of applications (voice, data, and video) over a central, end-to-end network, even nation-wide. SONET/SDH networks also have many advantages as regards error detection and differentiated error reporting. Network management is simple, centralised and semi-automated (according to specified criteria).
That means the quality of service (QoS) can be geared to the needs of the specific user. If a network node or optical fibre fails, SONET/SDH network components can automatically reroute the data flows in a few milliseconds to a parallel path without impairing the functionality of the applications.

Fibre Channel Encryption

Fibre Channel is a transport protocol for large data quantities featuring speeds of 1, 2, 4, 8 and more gigabits per second. It is used primarily in storage area networks (SANs). Fibre Channel Encryption involves the encryption of point-to-point optical fibre links from the computing centre to the disaster-recovery or backup computing centre. Users profit from data transfer in real time (full wire speed) with maximum security.

PDH Encryption

PDH (Plesiochronous Digital Hierarchy) is a classic, standardised technique for the transmission and multiplexing of data. PDH can be used in connection with common transport technologies, e.g. copper lines, microwave links or satellite links. E1 (2 Mbps) and E3 (34 Mbps) are the most common transmission rates. Crypto AG has had PDH encryption solutions on offer for years and will continue to carry this technology in the future.

High-security encryption up to a performance range of 10 gigabits per second: Ethernet Encryption, SONET/SDH Encryption, Fibre Channel Encryption.
Tailor-made system for each range of application

The portfolio of Network Security Solutions from Crypto AG covers systems for all common media, network technologies and transport protocols. They are staggered in terms of performance range so that the suitable version can be selected for every specific need.

With the purchase of a system, each customer receives its own secret algorithm, which the customer can change at any time and thus nationalise. Encryption is conducted in protected hardware modules fully shielded from the public network. As a result, the security data are never vulnerable to attack. Moreover, the encryption processes utilise no network components, so full transport capacity is available at all times. The modern, rugged design with redundant components is highly reliable in operation even under extreme climatic conditions. Special design features prevent the compromising emission of secret information (COMPREM). Shielded rooms are no longer necessary.

No special knowledge is required for installation. Encryption (and key changes) is conducted in the background fully automatically. Network Security Solutions can be installed successively in existing broadband networks without having to shut these systems down.

If need be, you are provided with project services to assist you in setting up and developing your systems, e.g. planning, engineering, installation, commissioning/formal acceptance and personnel training. With the handover of the system, you have a clear-cut and complete picture of your systems and the cryptographic processes involved. Crypto AG wants to be sure users can rely on high availability in long-time operation. That is why it offers individually designed maintenance and logistics services (in-factory or on-site maintenance, logistics for spare parts/repairs, maintenance kits). With service level agreements, these costs can be planned.
Security Management to keep security under control

Security management is a central element of any reliable high-speed encryption solution. It allows the customer to define the algorithm, keys, passwords and other security settings in line with its security policy and to monitor their effectiveness. Regular key changes should be easy to configure and to run autonomously/automatically while the encryption units are in operation.

Crypto AG enables all this with its SMC-1100 Security Management Centre, a modern PC/laptop application with a hardware security module and external message scheduler. The SMC-1100 is extremely simple to operate and offers a high degree of security for defining, managing and distributing security data. Mistakes in operation are largely excluded by the system design, which also minimises the amount of training required. The intuitive Windows-based graphical user interface makes the security manager's job as easy as can be. It allows him or her to display the encryption system in a simple and straightforward way, query all settings and data for all units, and put the necessary security configurations in place.

Management messages are distributed to the encryption unit in encrypted form by means of Smart Cards or online over an Ethernet link, which is more convenient and emanates from a centralised point. Online distribution is date-controlled so the operations can be carried out without staff having to be present. Keys in the unit are changed without any loss of data while the unit is operating. All processes are centrally logged for later audits, etc.

[Figure: Security Management Centre SMC-1100 Broadband]
Crypto AG: To Remain Sovereign

Crypto AG is your expert partner for the efficient and secure handling of information. As a legally and economically independent Swiss company, we are not subject to any export restrictions. We have been concentrating on developing, manufacturing and implementing custom security solutions for over 55 years. Our range comprises the latest technology and comprehensive services. After-sales service and product training that guarantee autonomous operation and high availability are assured over the system's entire lifetime, whatever the user environment. You too can rely on the expertise and capability of Crypto AG. Customers from over 130 countries are already doing just that.

Crypto AG, Headquarters
Crypto AG, P.O. Box 460, CH-6301 Zug, Switzerland
Tel. +41 41 749 77 22, Fax +41 41 741 22 72
crypto@crypto.ch, www.crypto.ch

Crypto AG, Regional Offices
Abidjan: Crypto AG, 01 B.P. 5852, Abidjan 01, Ivory Coast, Tel. +225 22 41 17 71, Fax +225 22 41 17 73
Abu Dhabi: Crypto AG Abu Dhabi, P.O. Box 41076, Abu Dhabi, United Arab Emirates, Tel. +971 2 64 22 228, Fax +971 2 64 22 118
Buenos Aires: Crypto AG, Maipu 1256 PB A, 1006 Buenos Aires, Argentina, Tel. +54 11 4312 1812, Fax +54 11 4312 1812
Kuala Lumpur: Crypto AG Regional Office Pacific Asia, Level 9B Wisma E&C, 2, Lorong Dungun Kiri, Damansara Heights, 50490 Kuala Lumpur, Malaysia, Tel. +60 3 2080 2150, Fax +60 3 2080 2140
Muscat: Crypto AG Regional Office, Seeb PC 111, Sultanate of Oman, Tel. +968 2449 4966, Fax +968 2449 8929

A member of The Crypto Group. 2007 Crypto AG. CP Broadband EN/0750