With software-defined networking (SDN) and network functions virtualization (NFV) promising more flexibility and programmability for data center and carrier networks, these new capabilities might bring security challenges as well. Encryption technology provider Certes Networks says it has an answer to such questions, thanks to its recently unveiled CryptoFlow Solutions suite.
The CryptoFlow Solutions line takes Certes Networks’ strengths in fixed network key and policy management and applies them to virtual and cloud environments, including those that leverage SDN and NFV, says Adam Boone, the company’s chief marketing officer. The suite enables protection of any application flowing to any IT asset over any network via a single point of control for encryption management and keying, he says. Security policy enforcement points reside in the physical network within appliances or within virtual environments as "virtual Certes Enforcement Points."
The suite enables security managers to create CryptoFlow virtual private networks (VPNs), which are group-keyed VPNs that feature auto-configuration of lower-layer encryption.
As announced in June and described in a presentation at the Lightwave Optical Innovation Summit July 15, Certes Networks lent the CryptoFlow Solutions technology to an SDN/NFV proof-of-concept exercise sponsored by CenturyLink at Light Reading’s Big Telecom Event. The slide below from Boone’s Lightwave Optical Innovation Summit presentation illustrates the proof-of-concept setup, which included technology from Cyan Inc., RAD, and Fortinet as well.
Boone told Summit attendees that SDN and NFV should enable new monetization opportunities for edge service providers in the form of "security as a service" offerings in which security is offered as a virtual network function.
The CryptoFlow Solutions suite currently operates on traffic flowing at data rates between 3 Mbps and 10 Gbps. Boone said that the technology isn’t data-rate limited – 10 Gbps is as fast as his customer base has wanted to go so far, he said.
Looking ahead, Certes Networks plans to bring handheld devices such as smartphones and tablets more tightly into its realm of protection, with capabilities along these lines slated for availability during the fourth quarter of this year. The company also will seek to enable greater granularity in regard to encryption of different applications, Boone added.
For more information on high-speed transmission technology and suppliers, visit the Lightwave Buyer’s Guide.