Layer 2 Encryption Solutions

Network encryption solutions from Thales enable the protection of sensitive, high-value data in motion

Layer 2 Encryption

Using Thales network encryption platforms, you can deploy proven solutions to maximize confidence that your sensitive, high-value data will not be compromised during transport. Thales network encryption platforms offer increased levels of protection over unencrypted data transport and basic encryption capabilities embedded in routers and switches.

  • Challenges
  • Solutions
  • Benefits

Eavesdropping on Unencrypted Network Data

Attackers can “eavesdrop” on unencrypted data traveling over a network, not only impacting privacy but potentially opening the potential to modify or substitute data as a way to stage more sophisticated attacks.

Compliance with Data Protection Mandates

Because industry mandates often require protection for data in motion, organizations that do not implement this protection risk fines, embarrassing data breach disclosure statements, and resulting damage to their reputation.

Insufficient Security in Routers and Switches

Depending on the application, encryption capabilities embedded in routers and switches may not offer the combination of security and performance you need.

Thales CN Series Network Encryptors

Thales High Speed Encryption solutions provide customers with a single platform to ‘encrypt everywhere’— from network traffic between data centers and the headquarters to backup and disaster recovery sites, whether on premises or in the cloud. 

High Bandwidth Efficiency & Robust Scalability

  • Comprehensive data in motion security for Layer 2, IPv4 and IPv6 Networks.
  • 95% bandwidth efficiency, which optimizes encrypted throughput from 10Mbps to 10Gbps.
  • Integrated group key management system, which scales to support hundreds of encryptors with no-cost redundancy.
  • Physical and logical separation of network administration and security responsibilities enforces policy and reduces opportunity for insider attacks.

Leading Security Capabilities

  • Traffic flow security to prevent traffic analysis and side channel attacks.
  • Field-upgradeability to protect against new threats and to ensure long service life.
  • Capabilities not found natively in network switches and routers, such as tamper-resistant physical hardening, strong authentication for administators, hardware-based key generation, and embedded and remote key management.
  • Support for the strongest commercially-available algorithms, government ciphers or customized algorithms.

Flexilible Support for Your Encryption Requirements

For organizations wishing to deploy country-specific or sovereign encryption algorithms and key management standards it is possible to minimize costs through the use off-the-shelf encryption devices that can be customized and reprogrammed to meet specific requirements.