Certes Networks Security Zone Architectures make it possible to protect regulated data across multiple applications, sites and data centers without impacting business continuity or application performance. Our reference architectures provide a security overlay that allows security and risk managers to create a "Secure Zone" for regulated data, without impacting the underlying infrastructure.
Problem Overview
Risk managers and security professionals face the daunting task of securing PII, PCI and other regulated data across enterprise-wide architectures. This task is complicated by the fact that regulated data is often used across several applications and housed on servers that are in multiple data centers, all of which need to be backed up at remote facilities. Adding to the complexity is the consolidation of data centers and the migration to private and public clouds – which on the surface shrink the scope of the problem, but in reality make the problem a moving target for those charged with protecting data.
While regulated data must be protected, the application of data security cannot impact business continuity or application performance. Managing several application security suites is not scalable and often leaves many security gaps for which the risk manager is also accountable. IPSec offers adequate protection, but it was never designed for anything beyond a small handful of point-to-point tunnels.
Solution Overview
With the advent of group encryption and the successful deployment of several reference Security Zone deployments, Certes Networks has designed Security Zone Architecture reference designs that allow companies to secure regulated data over any network under a single management solution. The architectures greatly reduce the cost and complexity of data protection and preserve network and application performance to ensure business continuity. Security Zone Architectures include reference designs for:
PII and PCI Data Protection
Secure regulated data across any number of applications, sites and data centers with a single security solution that’s easy to manage
Audit Scope Reduction
Helps reduce the scope of PCI audits and supports audit and logging requirements
Business Continuity
Avoid changes to the network and legacy applications by using cryptographic segmentation to limit the Cardholder Data Environment (CDE)
Security Consolidation
Secure your entire network with a single solution
High-speed Performance
Encrypts from 3 Mbps to 10 Gbps with only microsecond latency
Wire-rate Encrypted Throughput
Bump-in-the-wire implementation does not impact latency-sensitive applications
Infrastructure Neutral
Compatible with all underlying networking gear, regardless of vendor
Learn More:
Variable Speed Encryptors
FIPS 140-2 Validated Encryptors
TrustNet Manager™
Downloads:
TrustNet Difference
TrustNet Manager Whitepaper
Group Encryption Whitepaper
Layer 4 Encryption Test Results
Problem:
A major retailer has hundreds of locations and thousands of devices on the network. Because they accept credit cards, they are subject to PCI DSS data security regulation. The regulated data is used by dozens of applications and moves between several data centers (which are all backed up at offsite locations). Attempting to achieve data security across all applications and sites is cost-prohibitive, and physically segmenting data would cause a major disruption to business continuity.
Solution:
With Certes Networks' TrustNet solution, the company can quickly secure all regulated data – across applications and sites – without impacting application performance or causing disruptions to the business. TrustNet’s ability to cryptographically separate data types not only provides the highest level of data protection, but also significantly reduces the scope (and the costs) of compliance audits.
Secure LAN extension is used to backhaul traffic from the retail branches to the data center so the security infrastructure can be centralized, while allowing efficient branch-to-branch communication with group encryption that avoids point-to-point tunnels.
Benefits: