Simplify data protection with WAN encryption

A number of forces drive the need for increased data security, including protecting corporate information and trade secrets, government regulation, trade partner privacy agreements, and customer expectations. For example, in banking and finance, the payment card industry has very strict digital security standards to prevent credit card information from being stolen from the network. The healthcare industry has regulations, including HIPAA and HITECH, to insure that sensitive personal health information is secure.

Current solution: the VPN tunnel
Many organizations don’t encrypt their data over the WAN because it’s traveling on a “safe” multiprotocol label switching (MPLS) network. Although MPLS networks provide more reliable connections than the Internet and aren’t as public, they cannot be counted upon to be private — they’re still vulnerable to attack. It is important to understand that VPNs and technologies such as MPLS are not encrypted by default, and so require additional security measures to protect data. Even if the network is “private” or “virtually private,” it is still subject to attacks. Data sent on MPLS networks is kept separate from other traffic, but it is not encrypted. What’s more interesting is that over the past few years, many MPLS carriers have merged their private WANs and Internet backbones, further reducing security in the process.

Breaking out of the tunnel
IPsec VPN tunnels are fairly simple to set up between only two points. However, when remote sites multiply, the number of tunnels increases exponentially. A tunnel is needed between each pair of sites (Fig. 1), leading to administrative hassles every time a remote site is added. EncrypTight™ eliminates the need to establish point-to-point tunnels between each pair of remote sites, freeing network administrators for other tasks. With EncrypTight, every site on your WAN can establish an instant encrypted connection to every other site equipped with an EncrypTight appliance.

Figure 1How is EncrypTight different than a VPN?
The EncrypTight solution is based on group encryption in which the encryption keys are centrally generated and securely sent to the EncrypTight appliances. This enables you to manage policy and key distribution centrally instead of on a time-consuming, site-by-site basis, as is the case with VPNs. EncrypTight enables you to secure ”data in motion” in a way that is transparent to network architectures and protocols. And, if you decide to migrate to the Internet from MPLS networks using EncrypTight, you don’t experience any service interruptions. Continue reading

Advertisements

How to easily deploy HD video over your IP network

Analog video distribution systems have several vulnerabilities regarding quality and distance, not least of which is that analog technology is being phased out in favor of higher quality digital equipment. The biggest challenge with digital signal distribution has been its need for a large amount of bandwidth. Now you can break free from traditional video limits by deploying HD video over your IP network. Image quality remains excellent, and costs are minimal because setup uses infrastructure already in place.

Scalability and flexibility
Using an IP-based video distribution platform, such as the MediaCento™ IPX, provides a whole new level of scalability compared to existing proprietary and coax systems. Distribution and extension of the video signals are achieved by sending packetized video through standard local area network (LAN) equipment with existing CAT5e or CAT6 network cabling. Any number of displays located anywhere in the building can receive video content through connection to the LAN.

Furthermore, an IP-based solution has no distance limitations. Although standard Ethernet segments are limited to 330 feet, switches or repeaters can be added to get additional distance. For very long runs, runs between buildings, or in installations in industrial environments with high levels of EMI, standard Ethernet media converters can be used with the system to convert the electrical signals into optical ones for transport over fiber cable.

One of the biggest challenges with any traditional video distribution solution is that a splitter has a fixed number of ports, which limits the number of displays supported. Additionally, extenders might be required to reach out to remote displays. Proprietary video cables, such as HDMI®, have distance limitations and were not designed to be terminated in the field, and the large form factor of the connector makes it a huge challenge to pull these cables through conduits and walls.

Image quality
MPEG compression works well to deliver low to medium quality over very limited bandwidth (Kbps to Mbps), but is not suitable for high-quality computer graphics. Using efficient compression algorithms and higher bandwidth (100–150 Mbps) makes it possible to run full HD, real-time video over the local network without loss of video quality

Continue reading

The advantages of IP access technology

IP access technology extends keyboard, video, and mouse (KVM) signals, digital video, digital audio, and USB peripherals from any computer or server over TCP/IP via a local area network (LAN), wide-area network (WAN), or Internet connection. This technology uses existing network infrastructure and supports local and remote users, usually simultaneously. IP access technology works in diverse hardware environments and is ideal for managing multi-location data centers and branch offices.

These capabilities translate into real savings for companies having to deal with the proliferation of servers in many offices, particularly for corporations and government agencies required to deliver 24/7 uptime and real-time access to mission-critical servers every day of the year.

IP access and KVM-over-IP (KVMoIP) solutions combine the advantage of remote access software with the benefits of switching and extension technology. Like most KVM switches, IP access products don’t require any software to be loaded on the host computers. They interface directly with the keyboard, monitor, and mouse connectors of the host computer or KVM switch. Circuitry within the KVMoIP device digitizes the incoming video signal and processes it into digital data that is communicated to a viewer program running on a remote client computer over a LAN/WAN or the public Internet.

By addressing network issues from a remote location, you can simply manage issues from your desk, even save yourself the hassle of traveling to a site in the middle of the night. Use a browser-based connection, even a smartphone or tablet computer or PDA, to reboot or administer a roomful of servers remotely.

The ServSwitch Wizard IP Remote Manager: Allow up to four authorized users to access your system from anywhere in the world.

IP access solutions that feature virtual media technology take that convenience further. They enable a remote user to effortlessly move files from a mass storage device—a USB flash drive for example—from your location to the computer on which you’re working. Cost savings are realized through reduced downtime and less travel. In some cases, there’s no need to replace existing KVM switches with a proprietary ones to get a KVMoIP server-control solution.

Continue reading