Download Read 1G/10G Encryption for the Data Center

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
Document related concepts

Prognostics wikipedia , lookup

Intelligent maintenance system wikipedia , lookup

Transcript 
Solution Note
1G/10G Encryption for the Data Center
Transparent, High-Speed Data Center Security
Data Center security has become one of the highest network priorities as data thieves and crime rings seek to penetrate
perimeter defenses through increasingly complex attack vectors with alarming success and devastating effects.
The security imperative puts CIOs in the difficult position of having to secure Data Center traffic while at the same time
meeting the ever-increasing performance requirements of high-speed applications and synchronous replication.
Typical optical or circuit-based bulk encryption solutions do not perform authentication. This not only exposes the data to
the risk of tampering by a man in the middle attack, but it also can be used to break the encryption and expose sensitive
information. For information on why encryption without authentication is not secure download the following white paper at
http://www.certesnetworks.com/newdocs/wp-authentication_form.html.
Armed with the industry’s only multi-layer 10 Gigabit Encryptors and Certes TrustNet Manager™, you can achieve the highest
level of data center security over any network with full line-rate encrypted performance up to 10Gbps - without the use of
IPSec tunnels and without changing your network operations, visibility, or DR schemes.
Header preservation makes
secure traffic compatable with
QoS and Application Monitoring
Data Center
Fully redundant Active
Configuration supports
load balancing
1Gbps/10Gbps WAN
(DWDM, Carrier Ethernet,
Dark Fiber, etc.)
Line rate performance
with microsecond
delay
DR Site
Data Center
Secure Disaster Recovery
maintains compliant
connectivity
Typical CEP10G Data Center Deployment Scenario
Variable Speed Encryption Provides Secure
Investment Protection
The CEP10G offers a range of encryption speeds based on software licenses using AES-256 encryption at speeds of 500
Hypervisor
Mbps, 650 Mbps and 1, 2.5, 5 or 10 Gbps (full duplex), and the CEP1000 supports encrypted throughputPhysical
from Server
100 Mbps up
to 1 Gbps. This unique capability prevents you from overpaying for encrypted throughput because you can easily upgrade
the licensed speed as your needs change and only pay the difference between your current and desired encrypted
throughput.
CEP1000 and CEP VSE family enables organizations to standardize on one platform for any large campus or data center
network. The CEP10G integrates easily into any existing network while operating transparently in the network and ensuring
all of your data transmissions are encrypted and authenticated.
SN-10g-011813
Solution Note
1G/10G Encryption for the Data Center
Purpose Built for High Speed Data Centers
Encrypts and authenticates network traffic at wire speed
Dual Hot-swappable
power supplies
& field-replaceable fans
• From data centers to back up/DR sites
• From HQ and Branches
• Flexible pricing for 100Mbps, 155Mbps, 250Mbps, 500Mbps,
650Mbps, 1Gbps,
• 2.5Gbps, 5Gbps, or 10Gbps encrypted throughput
• Low Latency (Microseconds)
Proven Certes Group Encryption Technology
• Tunnel-less encryption is transparent to load balancing
and HA architectures
• Multi-layer capability allows layer 2, layer 3 or layer 4
based policies
• Fully compatible with network monitoring, policy based
routing and WAN optimization
Standards Based Encryption
•
•
•
•
•
AES 256 encryption with automated key rotations
Persistent authentication using SHA-256 hashing
FIPS 140-2 Validated
Common Criteria EAL4+
Jumbo Frame Support
High Availability
•
•
•
•
Management
Aux 1
Aux 2
Aux 3
CEP10G VSE
Remote Local
10G
10G
Dual Hot-swappable
AC or DC power supplies
Dual hot-swappable power supplies
AC or DC power
Field-replaceable fan trays (CEP10G)
Fully redundant active-active operation
Management
Aux 1
Remote Local
1G
1G
Central Policy Management
The CEP10G and CEP1000 can be configured and centrally managed via the Certes TrustNet Manager™. TrustNet Manager
allows both security and network administrators to quickly and easily manage network security from a centralized interface
with simple yet powerful drag and drop policy creation capability. Encryption policies can be based on source or destination
IP addresses, source or destination port numbers, protocol IDs, or VLAN tags. Policies can be quickly and easily modified
in seconds on even the largest networks, without traffic disruptions or interaction with remote personnel. TrustNet Manager
also provides logging and audit mechanisms to meet or exceed compliance and audit requirements.
Layer 2 Encryption
The CEP10G and CEP1000 provides wire-speed encryption at Layer 2. This allows synchronous replication among data
centers using a 10 GigE on 1 GigE connection across dark fiber or private circuits. The solution provides both encryption and
authentication which is essential for secure communications. In addition to Layer 2 Ethernet, the CEP10G can encrypt multiservice MPLS traffic while keeping the MPLS labels in the clear.
Layer 3/4 Encryption
In addition to Layer 2 encryption, the CEP10G and CEP1000 also provide standard IPsec encryption, (which encrypts the
Layer 4 header) and a unique Layer 4 compatible “payload only” encryption. This unique, patent-pending capability allows
network services, such as Netflow/Jflow, and Class of Service (CoS) based traffic shaping, to be maintained through the
service provider network while the payload itself is encrypted.
Global Headquarters
300 Corporate Center Dr., Suite 140
Pittsburgh, PA 15108
Tel: +1 (888) 833-1142
Fax: +1 (412) 262-2574
www.CertesNetworks.com
North America Sales
[email protected]
Asia-Pacific Sales
[email protected]
Government Sales
[email protected]
Central & Latin America Sales
[email protected]
Europe, Middle East and Africa Sales
[email protected]
SN-10g-011813
Related documents
Pr sentation PowerPoint
Pr sentation PowerPoint
50 Word Company Description 100 Word
50 Word Company Description 100 Word
a common digital Europe
a common digital Europe
Are you looking for an easier way to initiate and
Are you looking for an easier way to initiate and
Database Security
Database Security
BitLocker Drive Encryption Self
BitLocker Drive Encryption Self
All Definitions for
All Definitions for
Network Security: It`s Time to Take It Seriously
Network Security: It`s Time to Take It Seriously
Database Confidentiality
Database Confidentiality
CSCI 3140 Module 3 – Logical Database
CSCI 3140 Module 3 – Logical Database
Protection of outsou..
Protection of outsou..
[Powerpoint] - SQLSaturday_Powerpoint_
[Powerpoint] - SQLSaturday_Powerpoint_
Application Design and Development
Application Design and Development
Innovative Applications of Artificial Intelligence Techniques in
Innovative Applications of Artificial Intelligence Techniques in
SecuROM™ Disc Check
SecuROM™ Disc Check
Mullvad Barnprogram
Mullvad Barnprogram
eFS: encrypted File system
eFS: encrypted File system
Acronym
Acronym
slides17 - University of California, Irvine
slides17 - University of California, Irvine
Now - ISSA-NE
Now - ISSA-NE
Oracle-Data-Encryption
Oracle-Data-Encryption
Document
Document