Safenet High-Speed Network
Encryptors Combine the Highest
Performance With the Easiest
Integration and Management
SafeNet Network
SafeNet Network Encryption Solutions
Proven reliability, highest throughput, and lowest latency make SafeNet’s network security devices the ideal solution for protecting data in motion, including time-sensitive voice and video streams. SafeNet’s network security devices provide the fastest and easiest way to integrate robust, FIPS-certifi ed network security to protect data for enterprise and government organizations.
With SafeNet Network Encryption Solutions, You Can: Protect your data from evolving threats
-• Sensitive data is being transmitted through networks, more transactions are being
conducted over networks, and more value is moving through networks, which means that even a small breach can result in staggering data leakage—with associated reputation, privacy, and financial losses.
Become compliant with mandates
-• Beyond the obvious needs for encryption in safeguarding against security threats, many organizations need to ensure and demonstrate compliance with a host of mandates, including governmental, industrial, and regional policies. Encryption mechanisms need to support these efforts and provide advanced audit reporting.
Provide business continuity and disaster recovery -
• Organizations need real-time transmissions of sensitive data to disaster
recovery sites. Encryption solutions ensure the information remains totally secure without slowing down the network and interfering with other business functions.
Secure branch office connectivity
-• Sensitive and regulated data is constantly traversing the network from headquarters to branch offices. Organizations need a lower cost encryption solution capable of scaling.
Safeguard data in private clouds
-• Organizations are moving to cloud-based services; just about every enterprise will have a hybrid mix of services—including on-premise, private cloud, and public cloud—in place at any given time. Network encryption ensures trusted communications across the organizations cloud-based applications while boosting user productivity, lowering costs and increasing business agility.
SafeNet Network Encryption and
Isolation Solution
SafeNet Network Encryption and Isolation Solution uses dedicated security engines that are
separate from the network infrastructure. This approach has intrinsic advantages compared to
integrated solutions. Whether you are operating a traditional enterprise data center or moving your
data and processing into the cloud, data confidentiality and infrastructure isolation are assured
without impacting the day to day operations of the network. Infrastructure security is administered
separately from the network administration function allowing separation of duties even when
operating in the cloud. SafeNet technology operates at the highest performance levels without
negatively impacting network capacity or speed and without adding network complexity. The
encryption devices and their management function exist as a network ‘overlay’ that is highly reliable,
highly resilient, easy to deploy and maintain, and can be rapidly expanded as needs change.
10G
Data Center Secondary Data Center
Disaster Recovery Site
Carrier Ethernet (Provider A) Carrier Ethernet (Provider B) 10G Branch Offices Headquarters 50M Carrier Ethernet 10M 5M VLAN 1 VLAN 2 VLAN 3 VLAN 4 VLAN 5 etc... 100M 75M Cloud 10G/100M
Layer 2 Encryption
It’s a little known fact that network encryption solutions can have profound impact on the network’s scalability, maintenance and cost. Layer 3 encryption solutions like IPsec introduce latency and frame loss, and may reduce available bandwidth to as little as 27%. Applications like VoIP and video may be a problem, and network equipment has to be super-sized just to keep up with normal traffic.
Why Encrypt at Layer 2?
SafeNet offers advanced Layer 2 encryption solutions that eliminate the challenges and obstacles presented by Layer 3 encryption approaches.
Minimal Cost
Simple policy for fast setup and integration •
Minimal ongoing maintenance •
Better bandwidth utilization (up to 50%) •
Benefits
Reduced Cost
SafeNet’s Network Encryption solutions are simple to deploy and require little maintenance, thus reducing implementation and operational costs. Because SafeNet’s Network Encryptors encrypt at Layer 2, bandwidth effi ciency is greatly improved.
Maximum Performance
SafeNet Network Encryptors are able to protect massive amounts of data with high yhroughput, zero latency, and minimal protocol overhead.
Enterprise Scalability
SafeNet Network Encryption solutions signifi cantly reduce equipment requirements and costs. In addition, encryption policy is effortless.
Central Control and Remote Management - SafeNet’s Security Management Center (SMC)
SafeNet’s Network Encryptors can be centrally controlled or managed across multiple remote stations using SafeNet’s SMC. With SMC’s point-and-click, easy-to-use interface, and confi guration wizards, it’s simple to visualize, confi gure, modify, and manage network security—5 minute installation and deployment. SMC enables organizations to implement a broad range of security policies that can limit access to specifi c devices or provide unlimited access to the entire network.
Simple Management
IPv4 transparent to encryption policy •
Encryption can have no effect on high •
layer IP routing design
Protects legacy Layer 3 protocols •
Maximum Performance
Low Overhead – Needed for new •
bandwidth intensive applications No GRE or complex QoS schemes •
Low Latency – microseconds vs. •
milliseconds
Layer 2 (Ethernet)
Layer 3 (IPSec)
Performance • Throughput up to 10Gbps
No performance degradation for small packet •
traffic (real-time VoIP, video) Virtually no latency
•
No bandwidth wasted for security overhead •
Throughput up to 1Gbps •
Poor performance especially for small-packet •
traffic (real-time VoIP, video)
High latency, especially for small packet traffic •
Up to 90% of bandwidth wasted by security •
protocol overhead
Ease of Integration & Maintenance
Easy to integrate, plug and-play •
Virtually no maintenance required •
Separates physical network from security •
Hard to integrate into IP networks due to IP •
address management issues
Changes in network setup impact security •
Depth of Security • FIPS 140-1/2 and CC certified hardware Supports latest encryption standards such as •
AES-256
Provides more granular security options •
which leaves room for errors in security implementation (e.g., unencrypted connections)
Reliability • Highly resilient
Changes in IP layer doesn’t affect Layer 2 •
security
Changes in IP network (e.g., IP address changes) •
can interfere with security setup
Cost • Cost-effective security solution requires only minimum number of encryptors to secure entire circuits
Fast IPSec encryptors are expensive •
SafeNet’s Network Encryption and
Isolation Solution for Ethernet WAN
encryption is elegantly simple.
This solution operates at Layer 2, so
that maintenance issues like security
policy changes become a thing of the
past, bandwidth is not affected, and
network complexity is reduced.
All of which means better application
performance and lower network
operating costs.
SafeNet’s High-Speed Encryptors deliver maximum performance,
the strongest available protection, the least administrative
overhead, and the lowest total cost of ownership.
Ethernet Encryption
Reduce the cost and complexity of protecting sensitive data in motion
Ethernet Encryptor 10G
The best-in-class Ethernet Encryptor 10G offers proven compliance through Layer 2 encryption. It also provides central policy management through SafeNet SMC and is easy to integrate into your current architecture.
FIPS 140-2, Level 3 validated
Ethernet Encryptor 1G
The Ethernet Encryptor 1G provides full-duplex, line-rate encryption of Ethernet networks up to 1Gbps. It contains standards-based authentication, digital certificates, and key management. Its bump-in-the-wire design allows for easy installation into existing network environments. It also offers central configuration, monitoring, and management through SMC.
FIPS 140-2, Level 3 validated Ethernet Encryptor Branch Office
Cost-effective data security for branch office Ethernet links up to 10 Mbps. Designed specifically for sites with low-bandwidth requirements, providing connectivity between corporate and branch offices.
FIPS 140-2, Level 3 validated
SONET Encryption
High Performance Security Solution Providing Seamless Integration
SONET Encryptor
The SafeNet SONET Encryptor is a high performance, dedicated security solution to protect 10 Gbps and below SONET/SDH networks. It integrates easily and transparently into SONET/SDH networks and performs at wire-speed throughput, encrypting user data with the AES-256 algorithm. Extremely low latency makes it ideal for even the most demanding real-time, latency-sensitive network applications.
FIPS 140-2 Level 3 validated
Security Management Center
Centralized, Robust, Flexible and Easy-to-Use Management Platform
Security Management Center (SMC)
Designed to integrate seamlessly into any network topology, SafeNet WAN encryptors are the only devices to offer the SafeNet SMC, a SNMP-based network management platform that enables unparalleled ease of administration, as well as audit tracking of encryptors across multiple circuits and network protocols.
FIPS 140-2 Level 2 & Level 3 validated (management communications)
Encryptor Features
Designed for FIPS •
and Common Criteria Certification
Physically tamper-proof •
Minimal latency (typically •
< 10 microseconds) Point-to-point and •
full mesh connection capability
Each connection •
uses unique AES256 symmetric key (refreshed every hour)
Connections can be set • to encrypt, bypass, or discard Secure remote • management overhead - data payload encrypted AC and DC power options •
Contact Us: For all office locations and contact information, please visit www.safenet-inc.com
Follow Us: www.safenet-inc.com/connected
©2011 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet. All other product names are trademarks of their respective owners. FB (EN)-04.14.11