Protect sensitive data in motion with Network Encryption services
Effective network security relies on multiple layers of defence, not just at the edge and core of the network but also along the network path. While much of the focus on security is on users and applications, protecting in-flight data as it travels across the network is a critical component of a holistic security strategy. Network Encryption Services ensure secure connectivity, so whichever the network layer you want to secure, we have an end-to-end encryption service to suit your needs.
Network encryption types
End-to-end encryption for optical services
Optical Encryption is available as an integral part of Wave and Private Wave services. Fully transparent to Ethernet, IP and other network protocols, it provides the very highest levels of performance and security in combination.
- Always on: Optical Encryption is inherent to the core service, and is embedded in the optical hardware for maximum security and performance. Any traffic that has to traverse the optical backbone becomes encrypted by default, reducing the risk of sensitive traffic leaving the enterprise unprotected, providing always on end-to-end encryption
- Wire-speed performance: Operating at Layer 1 of the OSI stack, optical encryption is efficient and scalable. Implemented on the OTN signal layer, the full data payload remains available without latency degradation
- Compliance: Network Encryption solutions offer FIPS-certified AES-256 encryption with standards-based authentication mechanisms such as X.509 digital certificates, enabling operational simplification with seamless integration into enterprise Public Key Infrastructures
- Flexible deployment: Customers may choose to manage their own encryption keys or request the provider to do so as an additional service option. Flexibility over the siting of optical hardware platforms, including within customer-secured environments, enables the solution to be tailored to the customer’s security policies
End-to-end encryption for voice services
Voice Encryption end-to-end encryption solution that provides additional security for your voice services, including both SIP Signalling encryption and audio encryption.
- SIP encryption is offered using SIP Transport Layer Security (TLS) encryption, with mutual authentication, and supports both Asymmetric Encryption (AES) and Triple Data Encryption (3DES)
Audio Encryption secures the audio stream with SRTP (Secure Real Time Protocol) media encryption, which is a IETF cryptographic protocol used to provide secure communications over an untrusted network. It provides confidentiality and message integrity for media streams.