Optical Connections Magazine Autumn 2018

ELLEN MANNING NETWORK SECURITY

of network appliances (e.g., firewalls, DPI, and routers) that were previously instantiated in separate hardware platforms, and to instead leverage these functions using generic x86-based compute hardware.

across fiber-optic networks, today’s web-scale communications must deploy an IT security approach that encompasses not just server security and at-rest encryption, but also a robust in- flight encryption solution.” When it comes to the future of optical network security, “the key is to develop techniques and optical device hardware as well as new ways of coding information to send it, in combination with intelligent digital signal processing to receive it, to enable high-capacity, secure and reliable optical network infrastructure,” says Prof Bayvel. That means even more complex encryption. According to Gomez, the need to encrypt data at the optical layer at higher capacities than what is available today - 10G to 200G with Ciena’s WaveLogic Encryption - will continue to grow. Software-Defined Networking (SDN) and Network Functions Virtualization (NFV) will also be part of the next evolution in securing both the network and the in-flight data across it, she says. “With SDN, various points in the cyber event chain—breach, reconnaissance, and exploitation—become both an indicator of events and a response mechanism. The flexibility and responsiveness of the network actively defends and combats denial-of-service- type attacks, especially as these attacks evolve toward cloud-type services. “NFV enables the ability to virtualize a number

somebody might want to gain some information on you, ie if you’re about to launch a new product, then telling your IT security teams to walk round with the physical security team is a wise move.” While stopping the bad guys from accessing your information is one way to prevent a breach, preventing them making sense of that data is another. That’s where encryption comes in. “Essentially, if the data coming down the fibre optic cable is encrypted then I can still intercept it, but when I read it it’s gobbledegook,” says Warrington. For the average consumer, o-the-shelf encryption software would do the trick, says Essomba, who has worked with global giants including BP and Barclays. “But for big providers like banks, software might be a bit too slow so they actually have physical hardware whose sole purpose is to encrypt the data.” Paulina Gomez, Specialist, Product and Technical Marketing at Ciena, says while no organisation is immune, enabling encryption capabilities can prevent attacks on optical networks. She says: “Deploying a transport-layer encryption solution protects all in-flight data, at all times, ensuring every bit is secure, no matter where that data is going.” A key element of Ciena’s Assured Networking solutions is to eliminate any potential gaps within an organisation’s security strategy that can be exploited, says Gomez. “As increasingly more sensitive information gets distributed

Deploying a transport-layer

encryption solution protects all in-flight data, at all times

“By utilizing NFV, a network operator can instantly distribute and manage these virtual appliances to any location, via the network. This not only saves space, power, and hardware costs, but it also evolves service delivery and ensures consistent security levels across the enterprise.” Warrington sees things going even further, with the advent of quantum encryption. “That relies on writing the encryption codes, or keys, upon single photons of light,” he says. “If a hacker tries to eavesdrop on the line, they will disturb the encoding of the photon and be detected. We’re still a long way o truly secure communication using quantum encryption, but it is the future.”

www.opticalconnectionsnews.com

29

ISSUE 10 | Q3 2017

Made with FlippingBook - Online magazine maker