Product was successfully added to your shopping cart.

Optical Layer-1 Encryption over DWDM

Optical Layer-1 Encryption over DWDM

PacketLight Networks offers Layer-1 encryption solutions for OTN and dark fiber networks, while delivering full data throughput.

PacketLight’s Layer-1 encryption solution supports applications such as secured data center connectivity for financial institutions, encrypted managed services for carriers, and secured networks for government institutions and utilities.

PacketLight's encryption solution ensures the confidentiality and integrity of data, based on GCM-AES-256 encryption standards, supporting Diffie-Hellman (DH) key exchange up to every 1-minute. In addition, the solution supports multiple protocols including 1G/10G/40G/100G LAN and 4G/8G/16G/32G FC.

PacketLight

Layer-1 Encryption over DWDM and CWDM

The PacketLight Layer-1 Encryption solution is achieved by the PL-1000TE-Crypto multi-rate, multi-service Dense Wavelength Division Multiplexing transponder (DWDM), supporting innovative cryptographic capability for 40GE, 10GbE, GbE data and 4/8/10/16G FC storage services.

PacketLight’s encryption is transparent to the traffic without any degradation to the DWDM link performance or to the QoS of transferred data. The PL-1000TE provides full end-to-end transparency of service data and clock with a low latency of less than 12 usec for 10GbE.

Historically, fiber optic communications have been considered more secure than copper infrastracture, since the cabling does not radiate. However, in recent years, it has been proven that it is possible to tap a fiber optic cable and extract all the data streams passing over through. As a result, awareness of data security over DWDM links has increased in many organizations, especially in banks, government entities, data centers and service providers.

The Cryptography Solution

PacketLight’s innovative cryptography solution offers high security level for the fiber infrastructure by encrypting and protecting the service level data flow. PacketLight’s encryption is transparent to the traffic without any degradation to the DWDM link performance or to the QoS of transferred data providing full end-to-end transparency of service data and clock with a low latency of less than 12 usec for 10GbE.

Encrypted Switch Diagram

PacketLight’s cryptography solution (PL-1000TE Crypto) performs GCM-AES-256 Encryption on layer-1 of the client signal, thus supporting full bandwidth of the 1/10/40G services. PacketLight’s cryptography solution is compliant with NIST FIPS 140-2 standards and NSA Suite B requirements for 40G Eth, 10G Eth and GbE services as well as 4/8/10/16Gb FC.

PacketLight’s comprehensive encryption solution ensures three major concerns of optical link security:

  • Confidentiality - preventing disclosure of information to unauthorized parties
  • Data integrity - ensuring that the message has not been altered
  • Authentication - validating that both parties involved are indeed who they claim to be

The PL-1000TE Crypto solution is applicable for services of GbE, 10GbE and 40GbE as well as 4/8/10Gb FC. The user can flexibly activate the encryption/decryption functionality for specific transponders and selected wavelengths.

Additionally, up to 10 encrypted signals can be multiplexed into a single 100G OTN uplink by PacketLight’s muxponder devices - PL-1000GM or PL-1000GT.

Other Security Methods

In addition to the data encryption, there are two additional security capabilities supported by all PacketLight DWDM devices:

  1. Fiber attenuation monitoring
  2. Firewall
  3. Secured access to management console

The Fiber Attenuation Monitoring method monitors the attenuation levels between two sites in real time and provides system alerts in case of any degradation in the fiber attenuation. Malicious fiber tapping attempts are one of the reasons that causes degradation in the fiber attenuation. With alerts provided by PacketLight’s units, such tapping attempts can be quickly identified and remedied.

The firewall functionality provides protection for PacketLight’s device against attacks targeted against the management port by enabling the user to maintain a white list of managers that can access the device and specify the list of blocked/allowed management protocols.

Set Ascending Direction

7 Item(s)

  1. NEW
    PacketLight PL-2000AD - 200G Optical Transport Solution

    PacketLight PL-2000AD - 200G Optical Transport Solution

    Ships in 15 to 20 Business Days

    SKU # PL-2000AD
  2. NEW
    PacketLight PL-2000ADS - 200G ADM/Muxponder/Transponder

    PacketLight PL-2000ADS - 200G ADM/Muxponder/Transponder

    Ships in 15 to 20 Business Days

    SKU # PL-2000ADS
  3. NEW
    PacketLight PL-2000DC - 1.6T DCI Optical Transport Platform

    PacketLight PL-2000DC - 1.6T DCI Optical Transport Platform

    Ships in 15 to 20 Business Days

    SKU # PL-2000DC
  4. NEW
    PacketLight PL-2000M - 200G Single Wavelength Muxponder

    PacketLight PL-2000M - 200G Single Wavelength Muxponder

    Ships in 15 to 20 Business Days

    SKU # PL-2000M
  5. PacketLight 1000TE-Crypto - 8 Multirate Transponders with Layer-1 Encryption

    Ships in 15 to 20 Business Days

    SKU # PL-1000TE-Crypto
  6. PacketLight PL-1000TN - High Capacity OTU2 Optical Transport Unit

    Ships in 15 to 20 Business Days

    SKU # PL-1000TN
  7. PacketLight 1000TE - Up to 16G Universal WDM Transponder

    Ships in 15 to 20 Business Days

    SKU # PL-1000TE
Set Ascending Direction

7 Item(s)

PacketLight and AusOptic

Authorised PacketLight implementation partner for Oceania.

  • Support
    24/7 Local Support

    Manufacturer-backed technical team with implementation experience across the world.

  • Integration
    Integration Services

    Full optical network design and integration services

  • Standards
    Standards Based

    Complying with international standards for optical networks and quality.

  • User-friendly
    Easy Operation

    Remote diagnostic capabilities for easy maintenance and operation.

 Top