
Description: Parts of the corporate network, such as disk drives and servers, can be at risk of intrusion without a proper data protection architecture. Ron Willis of CipherOptics explains how companies are using this architecture to secure their networks.

Hello, I'm Ron Willis, CEO of CipherOptics, and today I'm here to talk to you about how to secure data over your corporate networks. Let me first start out by talking about how network security is used today. One of the first approaches companies have taken to protect network security is by protecting their infrastructure. And this is through things such as firewalls, intrusion detection systems, intrusion prevention systems, deep packet inspection and other technologies to protect, secure and keep their networks running.

Then over the last four or five years, they've focused on how to secure the people that have access to the networks. And we use things such as AAA, which consists of RADIUS. We have technologies such as NAC, NAP, Unified Threat Management and others that are used to make sure that only the right people have access to today's networks.

However, with all this protection that's been put into place, one of the things that still remains unprotected is data. Greater than 61 million personal records were stolen just in the last 15 months alone. So obviously not enough work or not enough protection exists within the network to protect data.

That's really the third element of network protection and network security that I want to talk about. So for protecting data, you're primarily using a technology called encryption. And encryption also requires that we have policy and keys in order to make it work and make it be effective. However, today's encryption technologies for the network such as IPsec suffer some severe problems when trying to protect the network. It doesn't scale. It's very hard to set up and manage, very expensive to deploy. It also breaks key network elements such as load balancing, redundancy, multicast and broadcast, all technologies that get broken by using network security such as IPsec.

So what a number of companies are working on today to protect data within the network is a data protection architecture. So within the network, we have a number of different network elements. We have disk drives, we have servers, routers, switches, we've got PCs, we've got IP phones and a number of different elements we connect to today's networks. And more and more, these network elements are beginning to include encryption as one of the basic functions within the technology.

So the challenge is how do we make all these things tie together and work together to protect data. And so we have a concept of a key authority that manages keys and ties all of these different resources together into this data protection architecture. And this is much analogous to a technology called DHCP, Dynamic Host Configuration Protocol. And what this allowed IP to do in its early days was for a user to connect to the network and automatically receive IP addressing information so they could connect to the network. That technology really made IP become the connectivity utility that it is today. And this key authority will do the same thing for encryption, allowing different resources to automatically connect and pick up policies and keys from this key authority. This will allow for scale, ubiquity, set-up and management that's unheard of with today's technologies.

And there's one last critical element to this and this is policy management. And policy management ties into existing network security technologies to pick up entitlements and authentications that take place there, and push those down to the key authority. So by adding these solution elements to today's networks, we're able to completely eliminate these risks associated with lost data, and for the first time we're able to completely secure data over today's networks.
