[c-nsp] Transparent WAN Encryption
Antonio Soares
amsoares at netcabo.pt
Sun Feb 2 16:10:08 EST 2014
I'm looking for the simplest way to do it. Most customers have L2
connections between Data Centers. The edge device controlled by the customer
is a Layer 2 Switch. The mechanisms like IPSec, GETVPN, FlexVPN, an so on,
need a router in the edge. This implies modification of the customer's
topologies. L2 encryption seems the perfect solution and it seems there are
several options on the market.
Regards,
Antonio Soares, CCIE #18473 (RS/SP)
amsoares at netcabo.pt
http://www.ccie18473.net
-----Original Message-----
From: Jeff Orr [mailto:jorr at communicorr.com]
Sent: domingo, 2 de Fevereiro de 2014 17:25
To: Antonio Soares
Cc: <cisco-nsp at puck.nether.net>
Subject: Re: [c-nsp] Transparent WAN Encryption
If you are using a private MPLS (I.e. Not over Internet) & have Cisco CE
routers consider GETVPN.
For the reasons you mentioned, we as a customer went this direction.
We needed to ensure our WAN (150 sites/multiple data centers)traveling
across a variety of links/providers including DS1/DS3/Metro-e is secure.
It has really scaled & worked well. GETVPN is VRF aware & can function on
the PE side as well.
-jeff
Sent from my AT&T iPhone
> On Feb 1, 2014, at 9:16 PM, Antonio Soares <amsoares at netcabo.pt> wrote:
>
> Hello group,
>
>
>
> Service Provider WAN links are not secure anymore and I have more and
> more enterprise customer asking transparent WAN encryption solutions.
> I came across these two products:
>
>
>
> EncryptTight:
>
>
>
> http://www.blackbox.com/Store/Results.aspx/Networking/Security-Optimiz
> ation/
> Encryption/n-4294953119
>
>
>
> TrustNet:
>
>
>
> http://www.certesnetworks.com/securitysolutions/wan-encryption.html
>
>
>
> Anyone has experience with these products ? This seems the ideal solution.
> The networks remain exactly the same as they were, we simply add these
> devices to do their job.
>
>
>
>
>
> Thanks.
>
>
>
> Regards,
>
>
>
> Antonio Soares, CCIE #18473 (RS/SP)
> amsoares at netcabo.pt
>
> http://www.ccie18473.net <http://www.ccie18473.net/>
>
>
>
>
>
>
More information about the cisco-nsp
mailing list