Directory:Superna/Encryption Key Management White Paper
Encryption Key Management White Paper
This article contains information from the white paper about encryption key management published by Superna on the company's web site. This paper examines the state of WAN-based encryption and discusses solutions to secure the on ramp for hosted services. To view the paper in its entirety, please see External Links.
A Period of Change and Innovation
There has been a lot of change in the communications industry in the last fifteen years. The rise of the Internet in the mid 1990s fuelled the DotCom and TeleCom economies. During this time, there was lots of investment in Internet infrasctructure. By the end of the 1990s, there were many service providers with modern networks. However, these service providers had very little idea of how to extract value from revenue-generating services. By the turn of the millenium, the DotCom economy collapsed and many service providers disappeared. By 2005, many service providers retreated and the industry entered a period of consolidation.
The Internet continued to evolve during this period. Broadband access became ubiquitous and highspeed connectivity was now available to everyone. These days, wireless Internet options allow users to connect with each other anywhere and at any time. It's easy and affordable to access high speed networks.
New applications are appearing all the time, running "in the cloud", but with very little thought about security. With so many new network investments occurring, the level of competition is high. This competition means that small and medium businesses now face the same challenges as larger companies. However, smaller companies lack the large IT budget and the skills to properly implement security solutions.
Larger enterprises are striving to reduce their IT budgets. This means reduction and consolidation of network infrastructure, centralizing applications and data to locations where IT expertise is located, and reducing the number of unique instances (and costs) of software applications. All of these dynamics have created new opportunities for service providers to evolve.
The Emergence of a New Breed of Service Provider
Hosted Managed Service Providers (MSPs) provide value added solutions to enterprise and business customers of all sizes. Hosted MSPs offer services such as application hosting, online business enablement, IT consolidation, and Software as a Service (SaaS).
Hosted MSPs own and operate data centers and offer advanced outsourced IT services. Data centers house servers and storage devices which remotely run applications from many enterprise customers. Some hosted MSPs also own some network infrastructure; the majority, however, do not.
In order to connect remote enterprise customers to their applications and data, hosted MSPs must lease bandwidth from 3rd party connectivity service providers. The hosted MSP data center will also include secure co-location areas where multiple service providers will deploy their equipment, which is to be used to backhaul traffic from enterprise customer locations.
Hosted applications require high bandwidth, availability, and security. MSPs that ensure end-to-end security of their offering will take a larger market share of enterprise customers looking to outsource applications. Offering an encrypted on ramp to hosted services will differentiate the service in the market.
Most 3rd party service providers offer Ethernet-based networking solutions. Ethernet Private Lines are the most commonly leased services by the MSP. In order to take advantage of MSP and Cloud Offers, enterprises need encrypted solutions from service providers.
Hosting and Cloud Computing Need Encryption
The Superna Network Security Portal (NSP) meets all of the following criteria for a company:
- separate device monitoring and management from security management
- separate GUI for managing security for the security organization
- separate user login for security management with role-based access
- encrypted connection to network elements
- scheduled key rotation based on corporate standards
- network-wide view of all devices performing encryption
- ability to integrate with 3rd party key management platforms
NSP reduces the barriers to outsourcing expensive encryption devices for service providers. It allows service providers to acquire encryption as an Operational Expense as opposed to a Capital Expenditure, while still retaining control of information security.
NSP has been deployed in military, financial, government and business consulting market segments. It has been integrated by equipment makers in enterprise and optical market segments into their encryption market offerings.