Thales Blog

Protecting Critical Infrastructure and Essential Services with High Speed Encryption

May 14, 2020

Jennifer Dean Jennifer Dean | Product Marketing Manager More About This Author >

As COVID-19 continues to dominate our thoughts and affect all aspects of our everyday lives, we try to maintain some sort of normalcy by spending more time with our families, or working remotely if we can. While traditionally in-office workers are taking business into their homes, other essential workers, such as hospital staff, first responders, police and firefighters rely on critical infrastructure to keep them connected. Unfortunately as the pandemic evolves, cybercriminals are intensifying efforts to exploit our communication networks, as warned by top cybersecurity agencies—The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) in the United States and the United Kingdom’s National Cyber Security Centre (NCSC).

Now as we become more dependent on critical infrastructure, such as large scale data centers, the public Internet and global electrical grids, it’s crucial that we are able to secure data as it moves from place to place, without compromising performance or security. With data constantly moving through a patchwork of interconnected topologies, networks and service providers, securing that transmission to the last mile (and back) is critical. Although it’s clear that leveraging encryption is key, choosing where and how to encrypt can be a challenging puzzle.

Historically, different network layers have required different encryption solutions. As network architecture has evolved to comprise multiple transport layers, this has implications for network security, performance and cost. The most common encryption solution, IPSec, is more than 20 years old. IPSec was not developed with wide area networking and cloud applications in mind, and definitely not with today’s bandwidth requirements (especially in an unprecedented environment where the performance and security of our infrastructure has never been more important).

Network Independent Encryption is required to meet the demands of modern network architectures. Network Independent Encryption provides concurrent encryption of data at network Layer 2, 3, or 4. A flexible encryption policy allows an end user to select the most appropriate network layer to encrypt their data at; removing network layer dependency and allowing for true end-to-end encryption

At the heart of Network Independent Encryption is the innovative Transport Independent Mode (TIM) functionality found exclusively in Thales encryptors, including our CN Series and CV1000 virtual encryptor. With TIM, security professionals can dynamically encrypt different traffic flows at Layer 2, 3, or 4 depending on the underlying network and the assurance needs of the data. TIM ensures the data in motion is encrypted end to end, regardless of the network layer, to its destination. Policy-based concurrent encryption affords organizations the flexibility to dynamically match their security policy to their network architecture.

In a nutshell, network encryptors that offer TIM provide the flexibility to create an enterprise-wide, high-performance encrypted network.

Other benefits of TIM include:

  • A single solution for use over both Ethernet and Internet infrastructure
  • Tunnel-free, data flow encryption efficiencies
  • Reduced management and bandwidth costs
  • Near zero latency and data overheads

Thales high speed encryptors are essential for securing critical infrastructure and doing so without taxing those vital services we’ve come to depend on even more during today’s new reliance on remote working. We invite you to explore more about Thales High Speed Encryption Solutions. Or sign up for a free trial of our Thales CV1000 Virtual Encryptor.

Related Articles

No Result Found