Data Center

Data In-Flight: The Hole In Many Security Plans

by Ed O'Connell ‎04-23-2015 12:01 AM - edited ‎04-23-2015 08:13 AM (4,840 Views)

Why are public and private organizations still readily being hacked or breach? Simple. Security isn’t. Many organizations focus on securing data being stored, but not data in-flight within or across campuses or data centers. For hackers, data in-flight is great. They don’t have to go looking for the data, the data comes to them.

 

Some organizations have tried to protect data in-flight but soon realized that current security technologies for networks severely impact performance or add complexity/costs that make it prohibitive to do. Many organizations networks are at 10G or 40G network bandwidth within the campus and are at 40G to 100G for cross data center connections. Those connectivity requirements far exceed the encryption capability of firewalls or encryption appliances. Scaling up these technologies to meet network performance requirements scales up complexity and costs.

 

Encrypting traffic at the access switch in the campus and keeping it encrypted to any destination within the data center or intra-data center is the holy grail of in-flight data security. But doing so should not impact performance or encourage users to circumvent encryption.

 

Brocade recently announced a new FastIron release (8.0.30) which brings MACsec to the Brocade ICX 7450 campus switch. A single ICX 7450 Campus switch can deliver up to 168Gbps of MACsec encryption connectivity without additional hardware or rackspace usage.

 

For intra or inter-data center traffic, the Brocade MLXe with a single 10Gx20 interface module can deliver 200Gbps of MACsec encryption connectivity to ICX 7450 switches. For inter-data center connectivity, add in a single MLXe IPsec module and now there is 44Gbps of 256-bit AES Suite B encryption. Need more encrypted throughput? Add another IPsec module in the same 1U of rackspace and it’s now up to 88Gbps.

 

Is your company struggling to cost effectively protect its data in-flight? You can easily test drive an ICX/MLXe configuration within your network and see how it delivers industry leading encryption for your data. No more letting the data freely be intercepted by hackers.