Tel Aviv, Israel – April 16th, 2015
PacketLight has enhanced its latest PL-1000TE Crypto multi-rate, multi-service DWDM encrypted transponder by adding cryptographic capability for 40G Ethernet and 16G Fibre channel services.
PacketLight’s cryptography performs GCM-AES-256 layer-1 encryption for up to 8 multirate Ethernet and Fibre channel configurable transponders. The encrypted service provides full end-to-end transparency of service data and clock with a minimal latency.
For improved security, PacketLight’s encryption uses periodical key exchange according to the Elliptic Curve Cryptography Cofactor Diffie-Hellman (ECC CDH) algorithm.
PacketLight’s comprehensive encryption solution ensures three major concerns of optical link security:
- Confidentiality - preventing disclosure of information to unauthorized parties
- Data integrity - ensuring that the message has not been altered
- Authentication – validating that both parties involved are indeed who they claim to be
The PL-1000TE encryption solution is applicable for 1G/10G and 40G Ethernet and for 4G/ 8G/10G and 16G Fibre channel services. The user can flexibly activate the encryption functionality for specific transponders.
Additionally, up to 10 encrypted signals can be multiplexed into a single 100G OTN uplink by PacketLight’s muxponder devices - PL-1000GM or PL-1000GT. The encryption solution is fully compliant with NIST FIPS 140-2 Level 2 and with NSA Suite B requirements.
"We have enhanced the L1 Encryption capabilities of the PL-1000TE Crypto 1U DWDM Transponder to form secured links between or within the data centers now supporting all common service types. This product is highly cost effective and allows enterprises to meet the new security requirements at a minimal expense. PacketLight’s solution is transparent to the traffic without any degradation to the DWDM link performance or QoS of the data" stated Koby Reshef, PacketLight’s CEO.
PL-1000TE Crypto is easily configurable through Web GUI or by PacketLight’s LightWave™ NMS software or by a third party SNMP management OS allowing port setup and configuration of firewall and radius server as well as remote troubleshooting and diagnosis.