L2 Box. Layer 2 Network encryption Verifiably secure, simple, fast.



Similar documents
Intelligent Solutions for the Highest IT Security Demands

Intelligent Solutions for the Highest IT Security Requirements

High Speed Encryption Made in Germany

SafeNet Network Encryption Solutions Safenet High-Speed Network Encryptors Combine the Highest Performance With the Easiest Integration and

ETHERNET WAN ENCRYPTION SOLUTIONS COMPARED

Layer 2 Network Encryption where safety is not an optical illusion Marko Bobinac SafeNet PreSales Engineer

successstory Security for Diplomacy High Security for Embassy Networks

High speed Ethernet WAN: Is encryption compromising your network?

ETHERNET ENCRYPTION MODES TECHNICAL-PAPER

How To Secure My Data

Rohde & Schwarz R&S SITLine ETH VLAN Encryption Device Functionality & Performance Tests

ethernet services for multi-site connectivity security, performance, ip transparency

High Speed Ethernet WAN: Is encryption compromising your network?

ICTTEN6172A Design and configure an IP- MPLS network with virtual private network tunnelling

TrustNet Group Encryption

TrustWay: the high security solution

RFC 2544 Testing of Ethernet Services in Telecom Networks

Training courses 2015/2016

Central Office Testing of Network Services

NATIONAL RESEARCH AGENCY CASE STUDY - CCTV NETWORK SERVICES

Virtual Privacy vs. Real Security

R&S IP-GATE IP gateway for R&S MKS9680 encryption devices

Enterprise Business Products 2014

IP Networking. Overview. Networks Impact Daily Life. IP Networking - Part 1. How Networks Impact Daily Life. How Networks Impact Daily Life

Security Design.

White paper. Business Applications of Wide Area Ethernet

we secure YOUR network we secure network security English network security

NetTESTER Embedded 'Always-On' Network Testing & In-Service Performance Assurance

10 Gigabit Ethernet: Scaling across LAN, MAN, WAN

EPIPE Connectivity Services

NZQA Expiring unit standard 6857 version 4 Page 1 of 5. Demonstrate an understanding of local and wide area computer networks

Cisco EtherSwitch Network Modules

Preparing Your IP network for High Definition Video Conferencing

HIPAA Security Considerations for Broadband Fixed Wireless Access Systems White Paper

Preparing Your IP Network for High Definition Video Conferencing

TrustNet CryptoFlow. Group Encryption WHITE PAPER. Executive Summary. Table of Contents

MPLS provides multi-site solution

Get Better Protected... Secure data sharing made possible with Updata s Encryption Overlay Service.

Service Definition. Internet Service. Introduction. Product Overview. Service Specification

Application Note How To Determine Bandwidth Requirements

Tunnel Routing. Preface. Challenge

LAYER 2 ENCRYPTORS METRO AND CARRIER ETHERNET METROS AND WIDE AREA NETWORKS ETHERNET ENCRYPTION FOR PRESENTS:

Group Encryption. The key to protecting data in motion BLACK BOX blackbox.com

Secured Voice over VPN Tunnel and QoS. Feature Paper

VPN. Date: 4/15/2004 By: Heena Patel

Computer Networking Networks

Securing VoIP Networks using graded Protection Levels

Network Simulation Traffic, Paths and Impairment

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network

Performance Testing BroadR-Reach Automotive Ethernet

The Next Generation Network:

Configuring QoS in a Wireless Environment

Building integrated services intranets

Your Wide Area Network Just Got a Whole Lot Wider.

Network Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶

EVALUATING NETWORKING TECHNOLOGIES

APPLICATION NOTE 209 QUALITY OF SERVICE: KEY CONCEPTS AND TESTING NEEDS. Quality of Service Drivers. Why Test Quality of Service?

Quality of Service Analysis of site to site for IPSec VPNs for realtime multimedia traffic.

The term Virtual Private Networks comes with a simple three-letter acronym VPN

MITEL. NetSolutions. Flat Rate MPLS VPN

WHITEPAPER. VPLS for Any-to-Any Ethernet Connectivity: When Simplicity & Control Matter

November Defining the Value of MPLS VPNs

Designing for Cisco Internetwork Solutions

How To Protect Your Data From Harm With Safenet

How To Build A Network For Storage Area Network (San)

Using & Offering Wholesale Ethernet Network and Operational Considerations

Frequently Asked Questions

Flexible and Flawless Get a hold of every critical moment instantly without compromise

Cisco Networks (ONT) 2006 Cisco Systems, Inc. All rights reserved.

convergence: preparing the enterprise network

Best Practices: The Key Things You Need to Know Now About Secure Networking Layer 1 (SONET), Layer 2 (ATM), and Layer 3 (IP) Encryption Technologies

Security and the Mitel Teleworker Solution

The Hybrid Enterprise. Enhance network performance and build your hybrid WAN

Senetas CERTIFIED network data security - For commercial & industrial SENETAS CERTIFIED NETWORK DATA SECURITY - FOR COMMERCIAL & INDUSTRIAL

Senetas CERTIFIED network data security - For Government SENETAS CERTIFIED NETWORK DATA SECURITY - FOR GOVERNMENT

2 Basic Concepts. Contents

Secure Video- Conferencing using Omnisec

DATA SECURITY 1/12. Copyright Nokia Corporation All rights reserved. Ver. 1.0

Observer Analysis Advantages

SAN/iQ Remote Copy Networking Requirements OPEN iscsi SANs 1

Resilient Metropolitan Area Networks

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

Comparing MPLS and Internet Links for Delivering VoIP Services

R&S IP-GATE IP gateway for ISDN encryption devices

Cisco CCNP Optimizing Converged Cisco Networks (ONT)

Observer Probe Family

Customer White paper. SmartTester. Delivering SLA Activation and Performance Testing. November 2012 Author Luc-Yves Pagal-Vinette

ENTERPRISE CONNECTIVITY

TC Infrastructure & Application Operations. Direct Network Links.

Cisco Group Encrypted Transport VPN: Tunnel-less VPN Delivering Encryption and Authentication for the WAN

VPLS lies at the heart of our Next Generation Network approach to creating converged, simplified WANs.

Transcription:

L2 Box Layer 2 Network encryption Verifiably secure, simple, fast.

reliable line encryption. Nowadays internal and confidential data is exchanged between locations or computer centres of public authorities and companies primarily over public lines. As a consequence information can be read or manipulated using comparatively simple techniques. The resulting damage in terms of trust, image and cost is still vastly underestimated. Further, companies and public authorities are increasingly subject to international, national or internal compliance rules that demand specified measures for and proof of information security. Reliable protection of information is absolutely essential. The safest and most cost-effective method is the use of encryption. The development of such encryption solutions right up to security architectures such as SINA is one of secunet s core competences. With es you can reliably protect your information even in potentially non-secure networks. Due to its highly efficient encryption performance, virtually no reduction in data throughput is noticeable. Its ability to function as well as the performance of the public authority and company network are not affected, and confidentiality, integrity, availability and authenticity of the information is guaranteed during data transfer the SINA L2 technology supports you in meeting your compliance requirements. Security and performance with hardware cryptography. The es encrypt data lines between locations or within public authorities and companies. Even highly time-critical applications and scenarios are secured due to the very low latency, and VoIP connections as well as video conferences are protected from data manipulation and espionage during transmission without any loss of quality. Bandwidths of 100 MBit/s, 1 GBit/s or 10 GBit/s prevent loss of performance, enabling a secure connection or synchronisation even of entire data centres and storage attached network (SAN) environments. Through the deployment of hardware cryptography in data transmission, coupling or synchronisation take place securely and without loss of performance. Even satellite connections can be encrypted with no noticeable loss of quality, and the common issues of jitter and delay do not arise with SINA Layer 2 encryption. All routing protocols are supported. About SINA. SINA (Secure Inter-Network Architecture) enables the protected processing, storage, transfer and a full audit trail of classified information and other sensitive data. The portfolio comprises various SINA clients, gateways and link encryptors as well as the SINA Management. All SINA products have successfully been in service with national and international customers over a number of years.

- tailor-made encryption. Data connections can be encrypted at layer 2 or 3 of the ISO/OSI layer model. es are particularly suited to the rapid and secure transfer of large quantities of data, for example in mirrored data centres, as they produce no overhead and thus offer the highest possible security and full performance with minimum latency. They are therefore preferred for time-critical applications and heavily utilised connections. Layer 2 encryption is protocol-independent. The encryption at layer 3, on the other hand, is protocol-dependent (IP-based) and thus more flexible in terms of device selection. This means that more complex environments can be mapped at layer 3. It is possible to configure security connections with gateways, stationary and mobile clients. However, unlike to layer 2 encryption, data transfer at layer 3 can not achieve line speed. Encryption can be made at both layers with SINA as point-to-point, pointto-multipoint and multipoint-to-multipoint connections. This makes SINA L2 Boxes an excellent solution for safeguarding existing network infrastructures. Public authorities and corporations can select the encryption method best suited to their specific application. The SINA L2 technology is the ideal solution for your secure data transfer. Head Office SAN at Location A SINA Management SAN at Location B other Branch Offices Branch Office 1 Branch Office 2

Simple and effective - from integration to commissioning right through to live operation. es can be integrated into your network conveniently and quickly and no change to your network infrastructure is required! Encryption is performed between boxes that are invisible to the network the components can be deployed immediately and are easily integrated into the line between provider and company network. The simplest installation for a medium-sized company or public authority network, for example, can be completed within one day and without affecting live operation. From the point of integration onwards, your data and classified matters are transferred securely. Attackers are no longer able to identify the network infrastructure behind the es. Once in use, the SINA L2 Boxes operate with practically no administration and maintenance, thus reducing your operating costs to a minimum. Installation, maintenance, analysis by qualified personnel professional and high performance. Professional set-up by secunet in combination with tailored, maintenancefree operation of the encryption solution guarantee the highest possible protection and continuous availability of your es. The quality of the network connections between SINA layer-2 encryptors can be demonstrated via a wide range of analysis and measuring services. The deployment of state-of-the-art measuring devices enables the data throughput of your connection to be determined, error and protocol analyses to be run and, for example, real-life comparison data with and without encryption to be provided. This allows you to keep the performance and the security of your data in view at all times.

The service portfolio at a glance. S 100M S 1G S 10G Protection Basic Basic Basic Brief description Hardware cryptography Hardware cryptography Hardware cryptography Throughput: Ethernet line rate in frame mode 100 MBit/s, full duplex Throughput: Ethernet line rate in frame mode 1 GBit/s, full duplex Throughput: Ethernet line rate in frame mode 10 GBit/s, full duplex Latency: 100 M: 40 μs per device Latency: 1 G: 8 μs per device Latency: 10 G: 4 μs per device For a detailed overview of all technical information see our fact sheet on the S. Security with BSI approval: The is approved by the Federal Office for Information Security (BSI) up to and including RESTRICTED and NATO RESTRICTED. A RESTREINT UE* approval has also been granted. the technology. With the product variants of the es, secunet offers a high-security solution for the cryptographic safeguarding of IEEE 802.3-compliant Ethernet and dark fibre links. Using full-duplex encryption the reliably secures these connections with throughput rates of 100 MBit/s, 1 GBit/s or 10 GBit/s. The entire range of applications in MAN, WAN and SAN areas can be used comfortably. The SINA L2 components are delivered ready for operation and work fully transparently for VLAN, MPLS and other networks. There is no restriction to any specific protocol to be used. Security functions, such as manipulation-protected key storage, integrated line and operational monitoring, audit and event logging, as well as the easy query of the operational status via SNMP ensure straightforward network operation. The synchronisation of the remote locations and the exchange of the cryptographic connection key occur automatically at regular intervals. Additional security is provided by the integrated anti-replay function that guards against attacks via data replay.

all benefits.» Protection of Ethernet LAN connections (point-to-point, point-to-multipoint and multipoint-to-multipoint connections)» Various models to choose from: 100 MBit/s, 1 GBit/s and 10 GBit/s data throughput» Full duplex encryption at line speed» Key generation via hardware random number generators» AES (256 Bit) encryption» Encryption independent of packet size» Replay protection (protection against the replay of data already used)» Integrity protection (protection against active attacks)» Transparent with respect to VLAN, MPLS» Protocol-independent» No change to the network infrastructure and existing processes thanks to flexible and modular architecture» Protection against exposure of the internal network infrastructure» Straightforward administration by means of numerous security functions» Low operating costs, maintenance-free operation» Approved by BSI up to RESTRICTED, NATO RESTRICTED inclusive, a RESTREINT UE* approval has also been granted * For German national use. Further information: www.sinalayer2.secunet.com/en secunet Security Networks AG Kronprinzenstraße 30 45128 Essen, Germany Phone: +49-201- 54 54-0 Fax: +49-201- 54 54-1000 E-mail: info@secunet.com www.secunet.com 09/2012

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information