DROP US AN ENQUIRY / FEEDBACK

  • Name

  • Email

  • Company

  • Contact no.

Message

CAPTCHA Image   Reload Image
Enter Code*:

Thank you for your enquiry, we will get back to you shortly

Latest news 16 Aug 2016 - ACA Pacific Appointed by Autodesk as Regional Value Added Distributor
Latest news 14 Jul 2016 - Progress Named a Visionary in Gartner 2016 Magic Quadrant for Mobile App Development Platforms
Latest news 10 Aug 2016 - Autodesk Industry Collections Now Available Worldwide
Latest news 10 Aug 2016 - Ten Big Reasons to Scan Wirelessly in Pharmaceuticals & Healthcare
Latest news 09 Aug 2016 - Eaton’s Expanded Series of FD85 Thread to Connect Couplings Provides Additional Sizes for Reliable Connections in Oil and Gas A
Latest news 12 Jan 2017 - ACA Pacific Technology launches Alcatel-Lucent Enterprise Solutions across Asia Pacific

Wan Protection

Certes Networks

Cloud Encryption

Certes Networks Virtual Certes Enforcement Point (vCEP)

Utilizing cloud infrastructures provides a compelling case for cost savings, agility and operational efficiency that cannot be ignored. However, executing IaaS (Infrastructure as a Service) workloads ...

Utilizing cloud infrastructures provides a compelling case for cost savings, agility and operational efficiency that cannot be ignored. However, executing IaaS (Infrastructure as a Service) workloads in the cloud while protecting sensitive information has been challenging in the past. The virtual Certes Enforcement Point (vCEP) solves the problem of keeping sensitive information secure in shared cloud or virtualized environments. The vCEP preserves the cost savings, agility and operational efficiency of the cloud while securing the data, extending the use of IaaS clouds to sensitive or regulated workloads that were previously off limits due to security concerns.

What is the vCEP?

The vCEP is a virtual appliance for VMware ESX/ESXi environments that enables sensitive workloads to execute and communicate securely in untrusted networks. The vCEP provides data confidentiality and integrity for sensitive data in motion in shared environments and prevents one tenant from monitoring the network traffic or attacking the virtual servers of another tenant. Furthermore, the vCEP allows the data owner or a trusted third party to control the encryption keys without the need to share the encryption keys to the infrastructure provider.

The vCEP uses proven Certes TrustNet group encryption technology to provide scalable network encryption without tunnels. The vCEP protects one or more virtual servers by enforcing the encryption and isolation policies specified in Certes TrustNet Manager (the centralized key and policy management system for TrustNet appliances). TrustNet Manager is designed for automated policy provisioning and integration with cloud operating environments.

Certes takes a revolutionary approach to cloud security by protecting network traffic inside and between IaaS clouds. The vCEP solution focuses on four key areas:

Scalable Group Encryption: With TrustNet group encryption, keys are centrally generated and securely distributed to all of the authorized group members (as defined in TrustNet Manager). Unlike tunnel-based solutions, group encryption is designed to scale to protect thousands or even tens of thousands of servers.

Encryption without Unprotected Gaps: As a virtual appliance that resides on the same server as the virtual servers that it protects, the vCEP protects sensitive network traffic inside the cloud provider's network without leaving gaps where the data is not protected.

Secure Isolation from other Cloud Tenants: As part of the Certes TrustNet solution, the vCEP provides persistent authentication to ensure continuous data integrity. The combination of authentication and encryption provide cryptographic isolation among cloud tenants. Cloud providers today typically offer only logical separation, which can break down and allow one tenant to attack another due to misconfiguration, unauthorized wiretaps or man-in-the-middle attacks. Data that is encrypted and authenticated using keys managed by the cloud customer is not susceptible to these types of attacks.

Client Control of Encryption Keys: An important benefit of the vCEP is its ability to allow the client to maintain control of their own policies and encryption keys. This is essential for regulatory compliance, and it protects both the data owner and the infrastructure provider. The vCEP provides a safe harbor for most data privacy regulations by leveraging Certes TrustNet standards-based encryption. Client control of policies and keys also benefits the cloud provider by removing the potential legal burden associated with being in possession of the encryption keys.

The vCEP is interoperable with existing Certes Networks Variable Speed Encryptors (VSEs), which gives customers the choice of using a physical or virtual appliance. New and existing Certes customers can securely adopt or migrate to cloud infrastructures and expand or contract virtual resources seamlessly, without creating security gaps in existing data center and enterprise networks. Using Certes TrustNet Manager, security for all networks can be managed from a central web-based management console.

FIPS 140-2 Encryption Appliances

Certes Networks FIPS 140-2 Encryptors

The Certes Enforcement Points (CEPs) are FIPS 140-2 Level 2 validated Common Criteria EAL4+ Certified encryption appliances designed for government networks. The hardware-accelerated CEP appliances pr ...

The Certes Enforcement Points (CEPs) are FIPS 140-2 Level 2 validated Common Criteria EAL4+ Certified encryption appliances designed for government networks. The hardware-accelerated CEP appliances provide low-latency, tunnel-less encryption and persistent authentication for:

- Ethernet frame encryption over Layer 2 networks

- IP packet encryption over Layer 3 networks

- Data payloads over MPLS networks

The CEPs are available in three FIPS 140-2 validated and Common Criteria EAL4+ Certified models, offering full-duplex wire-speed AES 256-bit encryption at 10Mbps, 100Mbps or 1Gbps speeds. The CEPs integrate easily into any existing network without the need for infrastructure changes or router upgrades. Ideal for government networks, the units provide transparent network encryption without compromising network availability, application performance or operational visibility.

Certes Networks' low-latency encryption appliances are deployed on dozens of national and local government networks and are protecting data for the United States Social Security Administration, Department of Energy, Department of Agriculture, Coast Guard, Army, and Navy. Certes Networks CEPs are available through GSA Schedule 70 purchasing contract (GSA schedule GS-35F-0131R).

CEPs are centrally configured and managed through Certes TrustNet Manager, our web-based management platform that simplifies security management through a simple yet powerful drag and drop policy builder. With role-based access, security administrators can retain control of network security, while outsource the management of encryption appliances to the networking team or managed service provider.

This powerful suite of security management applications provides organizations the ability to secure networks, achieve regulatory compliance, and reduce the cost of deploying, managing and maintaining the encrypted network.

IP and Ethernet Encryption Appliances

Certes Networks CEP-10-T1-100Mbps Encryption

The FIPS validated and Common Criteria EAL4+ Certified Certes Enforcement Point (CEP) Variable Speed Encryptors (VSEs) provide bandwidth customizable, low-latency network encryption and persistent aut ...

The FIPS validated and Common Criteria EAL4+ Certified Certes Enforcement Point (CEP) Variable Speed Encryptors (VSEs) provide bandwidth customizable, low-latency network encryption and persistent authentication for:

- Ethernet frame encryption over Layer 2 networks

- IP packet encryption over Layer 3 networks

- Data payloads over MPLS networks

While traditional IPSec VPN cards and appliances use static tunnels with limited throughput and high latency, the VSE family of network encryptors allows organizations to customize encryption throughput to match the specific bandwidth needs of each network link. Our tunnel-less, multi-layer encryption technology allow security administrators to secure any network without compromising network availability, application performance or operational visibility.

Certes Networks CEP-100-25-250Mbps Encryption

The FIPS validated and Common Criteria EAL4+ Certified Certes Enforcement Point (CEP) Variable Speed Encryptors (VSEs) provide bandwidth customizable, low-latency network encryption and persistent aut ...

The FIPS validated and Common Criteria EAL4+ Certified Certes Enforcement Point (CEP) Variable Speed Encryptors (VSEs) provide bandwidth customizable, low-latency network encryption and persistent authentication for:

- Ethernet frame encryption over Layer 2 networks

- IP packet encryption over Layer 3 networks

- Data payloads over MPLS networks

While traditional IPSec VPN cards and appliances use static tunnels with limited throughput and high latency, the VSE family of network encryptors allows organizations to customize encryption throughput to match the specific bandwidth needs of each network link. Our tunnel-less, multi-layer encryption technology allow security administrators to secure any network without compromising network availability, application performance or operational visibility.

Certes Networks CEP-1000G-100Mbps-1Gbps Encryption

The FIPS validated and Common Criteria EAL4+ Certified Certes Enforcement Point (CEP) Variable Speed Encryptors (VSEs) provide bandwidth customizable, low-latency network encryption and persistent aut ...

The FIPS validated and Common Criteria EAL4+ Certified Certes Enforcement Point (CEP) Variable Speed Encryptors (VSEs) provide bandwidth customizable, low-latency network encryption and persistent authentication for:

- Ethernet frame encryption over Layer 2 networks

- IP packet encryption over Layer 3 networks

- Data payloads over MPLS networks

While traditional IPSec VPN cards and appliances use static tunnels with limited throughput and high latency, the VSE family of network encryptors allows organizations to customize encryption throughput to match the specific bandwidth needs of each network link. Our tunnel-less, multi-layer encryption technology allow security administrators to secure any network without compromising network availability, application performance or operational visibility.

Certes Networks CEP-10G-500Mbps-10Gbps Encryption

Certes Networks offers the only FIPS validated and Common Criteria EAL4+ Certified multi-layer 10G network encryption appliance on the market today. Combining standards based encryption, persistent au ...

Certes Networks offers the only FIPS validated and Common Criteria EAL4+ Certified multi-layer 10G network encryption appliance on the market today. Combining standards based encryption, persistent authentication, and granular policy control, we allow security and network managers to tightly control data center security without impacting network services or application performance.

Ideal for securing data center traffic from branches and hubs, or for securing high-speed replication between data centers, our 10G encryption solutions provide robust security without forcing compromises in performance or availability. Using Certes TrustNet Manager to manage policies and keys, you can secure data center traffic without impacting load balancing, disaster recovery or high availability network designs. In fact, this drop in place technology is completely transparent to your infrastructure, regardless of what gear or provider you are using.

In addition to flexible policy control, our solutions are designed to meet both the security and financial needs of organizations. Our 10G encryptors provides you with the option to choose among six different line rates, ranging from 500Mbps to 10Gbps.

The Certes Networks 10G encryptor makes it easy to follow security best practices and compliance mandates. With role-based access, security administrators can retain control of network security while outsourcing the management of the encryption appliances to the networking team or a managed service provider. Our automatic key rotating capability allows hourly keys updates without impacting performance.

Certes Networks CEP-5 LC-Up to 5 Mbps Encryption

The CEP5 LC is a multi-layer encryption appliance that provides tunnel-less data protection, including Ethernet frame encryption for Layer 2 networks, IP packet encryption for Layer 3 networks, and La ...

The CEP5 LC is a multi-layer encryption appliance that provides tunnel-less data protection, including Ethernet frame encryption for Layer 2 networks, IP packet encryption for Layer 3 networks, and Layer 4 data payload encryption for IP and MPLS networks. The CEP5 LC offers full-duplex encryption at speeds up to 5 Mbps using the AES-256 algorithm.

The CEP5 LC provides affordable and centrally managed encryption and is ideal for networks with large numbers of branch offices, ATMs, kiosks, gas pumps, industrial networks, Smart Grid infrastructure devices or other applications where data protection is needed at the edge of the network with low bandwidth. Environmental hardening for enclosed outdoor environments and a very small form factor allow the CEP5 LC to be deployed at the network edge where encryption was previously difficult to deploy and manage. Central management via Certes TrustNet Manager and group keying make it easy to manage large encrypted edge networks.

The CEP5 LC also includes an integrated Ethernet switch, allowing it to switch traffic locally while encrypting traffic to and from the wide area network. This reduces costs by avoiding the need to deploy additional Ethernet switches and consolidating equipment at the network edge.

Certes Networks Variable Speed Network Encryptors

The FIPS validated and Common Criteria EAL4+ Certified Certes Enforcement Point (CEP) Variable Speed Encryptors (VSEs) provide bandwidth customizable, low-latency network encryption and persistent aut ...

The FIPS validated and Common Criteria EAL4+ Certified Certes Enforcement Point (CEP) Variable Speed Encryptors (VSEs) provide bandwidth customizable, low-latency network encryption and persistent authentication for:

- Ethernet frame encryption over Layer 2 networks

- IP packet encryption over Layer 3 networks

- Data payloads over MPLS networks

 

While traditional IPSec VPN cards and appliances use static tunnels with limited throughput and high latency, the VSE family of network encryptors allows organizations to customize encryption throughput to match the specific bandwidth needs of each network link. Our tunnel-less, multi-layer encryption technology allow security administrators to secure any network without compromising network availability, application performance or operational visibility.

Policy & Key Management

Certes Networks TrustNet Manager™

Certes TrustNet Manager™ is a web-based management platform that simplifies security management while preserving network performance and functionality. This powerful suite of security management app ...

Certes TrustNet Manager™ is a web-based management platform that simplifies security management while preserving network performance and functionality. This powerful suite of security management applications provide organizations the ability to secure networks, achieve regulatory compliance, and reduce the cost of deploying, managing and maintaining the encrypted network.

TrustNet is designed to meet the scalability and performance demands of public and private networks and cloud infrastructures. TrustNet Manager goes beyond being just a next generation IPSec VPN solution by helping organizations reduce the risk of network and cloud-based data breaches. At the same time, it also simplifies compliance efforts and reduces the scope and costs of compliance audits.

TrustNet Manager's drag-and-drop security policy builder simplifies provisioning and makes it easy to deploy multi-layer encryption and security policies. This saves operating expense and helps reduce the risk of security configuration errors, which often result in data leakage and loss. TrustNet Manager also makes it easy to follow security best practices, such as separation of duties and "trust but verify," by providing role-based access to multiple users.

With powerful logging and auditing capabilities that make it easy to establish, maintain and prove regulatory compliance, TrustNet also helps decrease the cost and time spent on compliance by allowing companies to cryptographically segment regulated data from the rest of the network.

Product Search

 

Contact Us

  • ACA Pacific Technology (M) Sdn Bhd
  • + 60 (3) 7803 4600
  • + 60 (3) 7804 6017
  • Penang Office
  • + 60 (4) 619 2593
  • + 60 (4) 619 2693

Events

Our Vendor Profile

vendorprofile