Showing posts with label Encryption. Show all posts
Showing posts with label Encryption. Show all posts

Tuesday, December 9, 2014

Nutanix Adds Data-at-Rest Encryption

Nutanix, which offers a converged appliance that combines compute/storage/networking for scale-out applications, announced a number of new security capabilities for its Virtual Computing Platform, including data-at-rest encryption.

The new security capabilities are available with Nutanix Operating System (NOS) 4.1 software, and help IT security teams meet stringent standards like HIPAA, PCI DSS and SOX. Nutanix hardware platforms now meet a number of certification standards including FIPS 140-2, NSA Suite B support (to Top Secret), Common Criteria EAL2+, NIST-SP800-131A and others.

Security features available in this release include:

  • Self-encrypting drives to secure data at rest, compliant with FIPS 140-2 Level 2 standards
  • Strong two-factor authentication, including the use of client certificates, to prevent unauthorized administrator log-ins
  • Nutanix Cluster Shield to limit administrator access in security-conscious environments by restricting shell logins.

“Security is required across the entire data center architecture, including server and storage systems. Unfortunately, legacy infrastructure components often lack the necessary controls and fail to meet common certification requirements,” said Simon Mijolovic, Senior Security Solutions Architect at Nutanix.

http://www.nutanix.com

  • In August, Nutanix, a start-up based in San Jose, California, announced a $140 million Series E funding round at over a $2 billion valuation.


Thursday, October 16, 2014

Intel Intros Data Protection Tech for Point-of-Sale Terminals

Intel introduced an end-to-end encryption technologyt that can be built into point of sale (POS) platforms powered by Intel silicon, including Intel Core and select Intel Atom processors.  The Intel Data Protection Technology for Transactions, which was developed in collaboration with NCR, adds an extra layer of software to protect the payment process, complementing current retail investments in EMV (Europay, MasterCard and Visa) credit card authorization, tokenization and other data protection technologies.

The software resides and runs on the Intel chipset for enhanced security and helps close the gaps between data transmitted between POS devices and the data center. The client software is available now. The full solution based on Intel Data Protection Technology for Transactions will be available to retailers in the first half of next year.

"It’s never been more important, or more difficult, for retailers to manage and protect data across the payment ecosystem,” said Karen Webster, CEO, Market Platform Dynamics. “Intel’s Data Protection Technology for Transactions security architecture does the obvious thing – it separates transaction processing from the POS – making that data less accessible and therefore more likely to be out of the reach of hackers. That can only help give both retailers and consumers more confidence that their POS experience is secure.”

http://www.intel.com

Wednesday, May 14, 2014

ADVA's 100G Metro Adds On-the-Fly Encryption

ADVA Optical Networking introduced a new 100G Metro solution with built-in on-the-fly encryption and fully integrated with its ADVA FSP 3000 platform.  The card, which is based upon the 4x28G technology of the original ADVA 100G Metro, leverages Advanced Encryption Standard (AES) with a key size of 256 bits. It features a Diffie Hellmann dynamic key exchange with over 60 exchanges per hour.

ADVA said its solution provides encryption at the lowest network layer and is completely agnostic to protocols such as Fibre Channel, InfiniBand and Ethernet. It also supports a wide variety of data rates from 5 Gbps, to 10 Gbps to 40 Gbps and onto 100 Gbps. To ensure compatibility in point-to-point and multi-hop infrastructures, the ADVA 100G Metro with built-in encryption uses optical transport network (OTN) framing. It also adds very little latency to the transmission link – less than 150 nanoseconds – compared to our non-encrypted version. This stands in stark contrast to higher layer encryption technologies that often add significant overhead and multiply the latency of the data stream.

The company also noted that its solution also encrypts the header and checksum of the signal, not just the payload or select bytes in the header, leaving no breadcrumbs that may be intercepted and analyzed.

“The security of data has never been so important; its integrity never so public. We're living in a new era of data awareness,” said Uli Schlegel, director, data center business development, ADVA Optical Networking. “In the wake of Heartbleed and other data security scares, businesses are only too aware of how vulnerable their mission-critical data is. How susceptible it is to theft and malicious use. Data security is now of paramount importance. At the same time, the volume of data has never been so immense. Transporting and protecting this data requires something purpose built, something special. That's what sets our 100G Metro with built-in encryption technology apart. It's the only product on the market capable of securely transporting big data.”

ADVA confirmed that its 100G Metro with built-in encryption has already been deployed by a number of enterprises and service providers.

http://adva.li/secure
http://www.advaoptical.com/

Wednesday, May 22, 2013

Vitesse Integrates MACSec into GE & 10GE PHYs for End-End Layer 2 Encryption


Vitesse Semiconductor introduced the first PHY transceivers to integrate MACSec technology for end-to-end, Layer 2 network security.

The new Vitesse SynchroPHY Gigabit Ethernet (GE) and 10GE devices enable network-wide Layer 2 MACsec encryption and preserve nanosecond-level IEEE 1588v2 accuracy.

Vitesse said this new paradigm of establishing Layer 2 encryption end-to-end, rather than link-by-link as is now the case, will prove to be especially useful for cloud services, mobile backhaul and other high-value communications. Until now, MACsec PHYs have traditionally been limited to link-based box-to-box applications primarily within cloud service data centers

Key elements of the Vitesse solution include:

VeriTime: the industry’s highest accuracy IEEE 1588v2 Precision Time Protocol

Intellisec: the industry’s first PHY technology to enable IEEE 802.1AE MACsec encryption.  Intellisec offers 256-bit encryption support, versus the 128-bit encryption typically today.

 “Vitesse’s approach enables a paradigm shift in mobile, cloud, and other critical infrastructure networks,” said Richard Interrante, product marketing director at Vitesse. “VeriTime delivers the industry’s de facto highest accuracy IEEE 1588v2 network timing and now we’ve again moved beyond our competitors with this latest generation incorporating Intellisec. Delivering low latency security while preserving network synchronization simply isn’t possible with traditional link-based MACsec technology. Vitesse is first to do this, making network-wide Layer 2 security a realistic and affordable option for carriers and other cloud providers.”

Sampling is underway.

  • GE PHYs with copper and fiber media support 
  • 10GE PHYs
    -  VSC8582-10: 2-port SGMII/QSGMII GE PHY
    -  VSC8584-10: 4-port SGMII/QSGMII GE PHY
    -  VSC8490-10: 2-port WAN/LAN/Backplane RXAUI/XAUI to SFP+/KR 10GE PHY
    -  VSC8491-10: 1-port WAN/LAN/Backplane RXAUI/XAUI to SFP+/KR 10GE PHY 

http:// www.vitesse.com/intellisec


In this video, Vitesse Semiconductor's Martin Nuss discuses Intellisec, a new technology that leverages MACsec protocol to extend security end-to-end.


 http://youtu.be/mVWxyMGKD2M