The truth about MPLS security

Organizations often use private networks such as MPLS service for data transfer because they offer clear advantages in speed, delay/jitter, and availability compared to the Internet.  As convenient as these networks are, however, they leave data vulnerable. Here are two myths of MPLS security:

Myth #1: “We use a private network” is often stated as the reason for not protecting data as it travels over third party networks.
Truth#1: MPLS isn’t really private. Organizations using a Multiprotocol Label Switching (MPLS) network may believe that encryption is not needed because the network is marketed as “private.” Because MPLS is really a shared network that mimics privacy by logically separating data with labels, the logical separation offered by MPLS isn’t secure and isn’t adequate for data protection. A “private” MPLS link actually traverses a network that also carries traffic from thousands of other users, including traffic from other carriers.

Myth #2: MPLS provides some level of security.
Truth #2: The truth is that MPLS offers no protection against misconfigurations. Human and machine errors as well as OS bugs can result in MPLS traffic being misrouted. It also don’t protect from attacks within the core. MPLS is vulnerable to all traditional WAN attack vectors. Additionally, there is no detection of sniffing/snooping. Think an alarm will go off when a high-tech hit man is stealing your data? Think again. This data is left in the clear and can be access, replicated, or used by anyone who gains access to it.

Protecting data in motion has become a high priority as more organizations realize how easy it is for attackers to pick data from the stream. Regulations such as HIPAA and PCI also require that files be secured when stored on the network and while in transit, leading to a need for encryption services. Secrets aren’t secret on the Internet unless they’re securely encrypted. For more myths, truths, and ways you can protect your data in motion, download our Group Encryption White Paper.

Advertisements

2 Responses

  1. […] on security: Five wireless security bandits The truth about MPLS security Network security in a dangerous cyber […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s