WEBSITE FEEDBACK We're performing some upgrades behind the scenes. Get in touch if you run into any issues, or have suggestions for us.
×

Optical Layer-1 Encryption over DWDM

Optical Layer-1 Encryption over DWDM

PacketLight Networks offers Layer-1 encryption solutions for OTN and dark fiber networks, while delivering full data throughput.

PacketLight’s Layer-1 encryption solution supports applications such as secured data center connectivity for financial institutions, encrypted managed services for carriers, and secured networks for government institutions and utilities.

PacketLight's encryption solution ensures the confidentiality and integrity of data, based on GCM-AES-256 encryption standards, supporting Diffie-Hellman (DH) key exchange up to every 1-minute. In addition, the solution supports multiple protocols including 1G/10G/40G/100G LAN and 4G/8G/16G/32G FC.

PacketLight

Layer-1 Encryption over DWDM and CWDM

The PacketLight Layer-1 Encryption solution is achieved by the PL-1000TE-Crypto multi-rate, multi-service Dense Wavelength Division Multiplexing transponder (DWDM), supporting innovative cryptographic capability for 40GE, 10GbE, GbE data and 4/8/10/16G FC storage services.

PacketLight’s encryption is transparent to the traffic without any degradation to the DWDM link performance or to the QoS of transferred data. The PL-1000TE provides full end-to-end transparency of service data and clock with a low latency of less than 12 usec for 10GbE.

Historically, fiber optic communications have been considered more secure than copper infrastracture, since the cabling does not radiate. However, in recent years, it has been proven that it is possible to tap a fiber optic cable and extract all the data streams passing over through. As a result, awareness of data security over DWDM links has increased in many organizations, especially in banks, government entities, data centers and service providers.

The Cryptography Solution

PacketLight’s innovative cryptography solution offers high security level for the fiber infrastructure by encrypting and protecting the service level data flow. PacketLight’s encryption is transparent to the traffic without any degradation to the DWDM link performance or to the QoS of transferred data providing full end-to-end transparency of service data and clock with a low latency of less than 12 usec for 10GbE.

Encrypted Switch Diagram

PacketLight’s cryptography solution (PL-1000TE Crypto) performs GCM-AES-256 Encryption on layer-1 of the client signal, thus supporting full bandwidth of the 1/10/40G services. PacketLight’s cryptography solution is compliant with NIST FIPS 140-2 standards and NSA Suite B requirements for 40G Eth, 10G Eth and GbE services as well as 4/8/10/16Gb FC.

PacketLight’s comprehensive encryption solution ensures three major concerns of optical link security:

  • Confidentiality - preventing disclosure of information to unauthorized parties
  • Data integrity - ensuring that the message has not been altered
  • Authentication - validating that both parties involved are indeed who they claim to be

The PL-1000TE Crypto solution is applicable for services of GbE, 10GbE and 40GbE as well as 4/8/10Gb FC. The user can flexibly activate the encryption/decryption functionality for specific transponders and selected wavelengths.

Additionally, up to 10 encrypted signals can be multiplexed into a single 100G OTN uplink by PacketLight’s muxponder devices - PL-1000GM or PL-1000GT.

Other Security Methods

In addition to the data encryption, there are two additional security capabilities supported by all PacketLight DWDM devices:

  1. Fiber attenuation monitoring
  2. Firewall
  3. Secured access to management console

The Fiber Attenuation Monitoring method monitors the attenuation levels between two sites in real time and provides system alerts in case of any degradation in the fiber attenuation. Malicious fiber tapping attempts are one of the reasons that causes degradation in the fiber attenuation. With alerts provided by PacketLight’s units, such tapping attempts can be quickly identified and remedied.

The firewall functionality provides protection for PacketLight’s device against attacks targeted against the management port by enabling the user to maintain a white list of managers that can access the device and specify the list of blocked/allowed management protocols.

Filter Products By
Shop By
Shopping Options
Type
  1. Add-Drop Multiplexer (ADM)
  2. Muxponder
  3. Transponder
Industry
  1. Carriers, Service and Content Providers
  2. Campus Networks
  3. Data Centres
  4. Enterprise Networks
  5. Financial Institutions
  6. Broadcast
  7. Utilities
Set Ascending Direction

7 Items

per page
  1. Rating:
    0%
    PacketLight PL-2000M - 200G Single Wavelength Muxponder
    SKU: PL-2000M
    PacketLight's PL-2000M is a 200G multi-protocol multi-rate muxponder/transponder for building high capacity optical transport networks. Its flexible architecture enables the same device to be used in multiple applications and adapt to network growth and changes. Learn More
    Request Quote
    Ships in 15 to 20 Business Days
  2. Rating:
    0%
    PacketLight PL-2000DC - 1.6T DCI Optical Transport Platform
    SKU: PL-2000DC
    The PL-2000DC is a transport platform for DCI (data center interconnect), cloud providers, colocation providers, and high capacity applications, delivering up to 1.6T in a 1U chassis. Learn More
    Request Quote
    Ships in 15 to 20 Business Days
  3. Rating:
    0%
    PacketLight PL-2000ADS - 200G ADM/Muxponder/Transponder
    SKU: PL-2000ADS
    The PL-2000ADS is a 200G multi-protocol multi-rate muxponder/transponder/ADM for short haul optical transport solutions and Layer-1 encryption. Learn More
    Request Quote
    Ships in 15 to 20 Business Days
  4. Rating:
    0%
    PacketLight PL-2000AD - 200G Optical Transport Solution
    SKU: PL-2000AD
    The PL-2000AD is a compact 1RU 200G ADM targeted for next generation Metro and Long Haul Applications Learn More
    Request Quote
    Ships in 15 to 20 Business Days
  5. Rating:
    0%
    PacketLight 1000TE - Up to 16G Universal WDM Transponder
    SKU: PL-1000TE
    The PL-1000TE is Low Latency Multirate and Multi-Protocol transponder providing high capacity optical transport solution for rates up to 16G in a single 1RU unit Learn More
    Request Quote
    Ships in 15 to 20 Business Days
  6. Rating:
    0%
    PacketLight PL-1000TN - High Capacity OTU2 Optical Transport Uni
    SKU: PL-1000TN
    The PL-1000TN is an advanced, highly integrated 8G/10G OTU2 OTN solution with transport capacity of 60G within compact 1U Learn More
    Request Quote
    Ships in 15 to 20 Business Days
  7. Rating:
    0%
    PacketLight 1000TE-Crypto - 8 Multirate Transponders with Layer-
    SKU: PL-1000TE-Crypto
    The PL-1000TE-Crypto provides transparent low latency layer-1 encryption solution for both Ethernet and Fibre Channel protocols up to 80G in compact 1U chassis Learn More
    Request Quote
    Ships in 15 to 20 Business Days
Set Ascending Direction

7 Items

per page