A number of forces drive the need for increased data security, including protecting corporate information and trade secrets, government regulation, trade partner privacy agreements, and customer expectations. For example, in banking and finance, the payment card industry has very strict digital security standards to prevent credit card information from being stolen from the network. The healthcare industry has regulations, including HIPAA and HITECH, to insure that sensitive personal health information is secure.
Current solution: the VPN tunnel
Many organizations don’t encrypt their data over the WAN because it’s traveling on a “safe” multiprotocol label switching (MPLS) network. Although MPLS networks provide more reliable connections than the Internet and aren’t as public, they cannot be counted upon to be private — they’re still vulnerable to attack. It is important to understand that VPNs and technologies such as MPLS are not encrypted by default, and so require additional security measures to protect data. Even if the network is “private” or “virtually private,” it is still subject to attacks. Data sent on MPLS networks is kept separate from other traffic, but it is not encrypted. What’s more interesting is that over the past few years, many MPLS carriers have merged their private WANs and Internet backbones, further reducing security in the process.
Breaking out of the tunnel
IPsec VPN tunnels are fairly simple to set up between only two points. However, when remote sites multiply, the number of tunnels increases exponentially. A tunnel is needed between each pair of sites (Fig. 1), leading to administrative hassles every time a remote site is added. EncrypTight™ eliminates the need to establish point-to-point tunnels between each pair of remote sites, freeing network administrators for other tasks. With EncrypTight, every site on your WAN can establish an instant encrypted connection to every other site equipped with an EncrypTight appliance.
How is EncrypTight different than a VPN?
The EncrypTight solution is based on group encryption in which the encryption keys are centrally generated and securely sent to the EncrypTight appliances. This enables you to manage policy and key distribution centrally instead of on a time-consuming, site-by-site basis, as is the case with VPNs. EncrypTight enables you to secure ”data in motion” in a way that is transparent to network architectures and protocols. And, if you decide to migrate to the Internet from MPLS networks using EncrypTight, you don’t experience any service interruptions. Continue reading
Filed under: Networking | Tagged: Data Proection, Data Security, EncrypTight, encryption, MPLS, MPLS Network, VPN Tunnels, WAN Encryption | Leave a comment »