Introducing ConnectGuard™ Cloud
May 2018
Secure cloud connectivity for multi-cloud environments
© 2018 ADVA Optical Networking. All rights reserved.
Overview of ConnectGuard Cloud
• ConnectGuard Cloud technology is part of ConnectGuard family
• First in the industry to deliver virtualized end-to-end encryption in multi-cloud environments
• Breakthrough for service providers and enterprises that want to move away from IPSec and
appliance-based solutions that are costly and inflexible
• Military-grade encryption can be deployed on any COTS server or in a public cloud
infrastructure.
• Encryption at Layer 2, 3 or 4 as needed – match the encryption to the application
• Automated key management for operational simplicity – no need for an externally managed
IKE or PKI system
• Based on the award-winning Ensemble Connector – with zero touch provisioning capabilities,
customers can roll out secure cloud connectivity to thousands of endpoints within minutes.
Agenda
• Drivers for new encryption solutions
• ConnectGuard™ Cloud in the ADVA portfolio
• Benefits of ConnectGuard™ Cloud
• Summary and additional resources
Drivers for new encryption solutions
When your destination is the cloud …
You’ll need a secure path to get there
Industry observations on security
Security threats to enterprises are real and growing
• Threats include loss of data, compromised secrets, civil suits
• Statutory and regulatory requirements (e.g., GDPR) are raising the importance of compliance and the cost of non-compliance
Appliance-based security solutions are costly, inflexible, logistically difficult and not cloud-friendly
• Any security solution must address hybrid cloud and multi-cloud applications
New virtualized solutions provide a ground-breaking approach to address today's threats and limitations
• They also open the door for complementary applications
Encryption challenges
• Latency: The application should determine at which layer to encrypt
• Transparency: Support encryption over any kind of access or transport network
• Applicability: Apply encryption at customer premises, data center or public cloud
• Cost: Cost per encrypted bit and initial cost are important
• Compatibility: Support services at the layer where they perform best
• Efficiency: Encryption has an impact on resource and network utilization
Virtual encryption delivers high-performance, flexible secure cloud connectivity
Secure cloud connectivity use case
Drivers for software endpoints
• Cloud-native implementation for multiple public cloud environments where the endpoints must reside on cloud infrastructure rather than dedicated hardware appliances
• SaaS applications in the cloud, where latency can create performance impacts
• Regulatory requirements such as GDPR
• Business or government networks where high-quality encryption is required
Dynamic encrypted networking
• Flexible encrypted mesh for policy-based secure VPNs
• Application-aware encryption at L2/L3/L4
• Supports point-to-point and hub-and-spoke topologies
• Eliminates dependence on application-level encryption
Security with uCPE upgrades
• Upgrade with other security applications or enterprise apps
Effective cost points
• TCO analysis demonstrates software trumps appliances
• Turnkey option for enterprise deployments
Secure cloud connectivity: any-to-any
[Figure: network diagram. Sites: public cloud #1, public cloud #2, private cloud, HQ, on-net branch, hybrid branch, off-net branch. Networks: public internet, IP-VPN (MPLS), CE L2VPN, SD-WAN hybrid WAN. Color key: encryption only / encryption + L2 tunnel.]
ConnectGuard™ Cloud in the ADVA portfolio
Secure connectivity across all networks
• Secure cloud connectivity
  • Endpoints: >1K to 100K
• Secure VPN connectivity
  • Endpoints: 100 to 1000
• Secure data center connectivity
  • Endpoints: 10 to 100
[Figure: portfolio diagram with layers labelled Cloud, Ethernet and Optical, and connectivity types labelled physical connectivity, virtual connectivity and cloud connectivity. The label "Certified solution" appears twice.]
ADVA ConnectGuard™ security suite
Technologies | Product(s) | Application
ConnectGuard™ Management | FSP NM Crypto Manager | Encryption domain management
ConnectGuard™ Optical | FSP 3000 | Secure data center connectivity
ConnectGuard™ Ethernet | FSP 150 | Secure VPN connectivity
ConnectGuard™ Cloud | Connector Encryption, Ensemble Director | Secure cloud connectivity
ConnectGuard™ Cloud benefits
Implemented in Ensemble Connector Encryption and Director
Cloud-native software encryption can be hosted on uCPE or in cloud
• End-to-end encryption in multi-cloud environments – prevents man-in-the-middle attack vectors
• Flexible, policy-based and application-aware secure networking – point-to-point or mesh
• Encryption at Layer 2, 3 or 4 as needed – match the encryption to the application
• Based on FIPS-compliant technology from Senetas
Compute and bandwidth efficiency
• Greatly improved throughput, overhead and latency versus IPSec – 8-24 bytes of overhead versus 76
• Minimizes cost of hosting server – no need for hardware appliances
Encrypted connections can be shared by multiple applications
• No need to rely on SD-WAN or firewall encryption
• Encryption functionality is separated from VNFs for layered security
• Eliminates need for piecemeal application security
Automated key management for operational simplicity
• No need for an externally managed IKE or PKI system
Why use Ensemble Connector?
Connector provides cloud-native computing (Linux/KVM/OpenStack), plus:
1. Accelerated vSwitch
2. Carrier Ethernet 2.0
3. Networking incl. LTE
4. Zero touch commissioning (ZTC)
5. Embedded cloud (OpenStack)
6. Integrated OS with open interfaces
7. Device scalability
8. Telco management
9. High availability
10. Platform security
11. Encryption engine
12. Local router
[Figure: two software stacks side by side. Standard cloud environment: server (Intel Xeon® and Intel Atom®), Linux (CentOS), hypervisor (KVM/QEMU), virtual switch (OVS and DPDK), VNFs/VMs. Ensemble Connector: server (Intel Xeon® and Intel Atom®), Linux (CentOS), hypervisor (KVM/QEMU), virtual switch (Connector), VNFs/VMs, annotated with the numbered features from the list above: 1. virtual switch, 2. CE 2.0, 3. network, 4. ZTC, 5. OpenStack, 6. Ensemble Connector, 7. server, 8. telco management, 9. HA, 10. security, 11. encryption, 12. local router.]
Benefits of ConnectGuard™ Cloud
Provided by Ensemble Connector Encryption
Integrated key derivation function (KDF)
• Integrated KDF for managing key lifecycle
• Secure centralized key management that delivers keys from a FIPS-certified appliance
• Automatic key updates managed with timestamps
• Manages keys at Layer 2, 3 and 4
• FIPS-compliant technology for multi-layer encryption
• Random number generator with equivalent entropy to hardware platforms
• Scales to thousands of endpoints
• No master/slave requirement
• Zero touch provisioning
Flexible encryption options
• AES-256 CTR/GCM mode
  • Confidentiality only OR
  • Confidentiality + authentication
• Multi-layer simultaneous encryption policies
  • Layer 2: Ethernet (MAC or VLAN)
  • Layer 3: IPv4/v6 subnets
  • Layer 4: IP + port
• NAT passthrough
• Netflow/Jflow support
• Policy-based routing
Low overhead per packet. Best case is one third of the overhead per packet compared to military grade IPSec.
Overhead:
• 8 bytes for encryption header (sender ID, key bank, frame counter)
• 4 bytes additional header for TCP (layer 4 encryption only)
• 16 bytes additional authentication data (optional)
Centralized key distribution with KDF
Optional alternative to integrated KDF
• Single centralized platform for managing key lifecycle
• FIPS-certified server* distributes keys to all endpoints
• Key server is tiered and redundant for resiliency
• Uses industry standard key management protocol (KMIP)
• Control plane isolation
• Scales to hundreds of thousands of endpoints
• Policy driven by:
  • Single key management system for all data
  • Key management required on specific site
  • FIPS requirements
*SafeNet KeySecure or Senetas hardware encryptor as server
Why not use IPSec?
IPSec significantly impacts transmission performance
Actual measurements from live test of 1Gbit/s traffic over internet
Panel labels: IPSec over internet, Connector Encryption, Plain internet
Measurements as listed:
• Throughput 56% – 86%*, Latency: 37 – 79* ms
• Throughput 16% – 20%*, Latency: 37 – 79* ms
• Throughput 56% – 95%*, Latency: 37 – 79* ms
*Depending on frame size 64-1M bytes
Summary and additional resources
Summary
Enterprises are moving workloads into the cloud, including consumption of IaaS, PaaS, and SaaS services, in both multi-cloud and hybrid cloud models
Achieving multi-cloud benefits requires efficient, secure and transparent connectivity
Need a software solution that is compatible with uCPE and cloud deployments
• Encrypt all the way into the cloud
• Using low-cost uCPE servers at the customer site
• Efficient and low-overhead encryption
Benefits:
• Transport of Layer 2 traffic over Layer 2 or Layer 3 access
• Software solution that is compatible with existing encryption deployments
• Ability to encrypt at Layers 2, 3 or 4 depending on requirements of the application
• Efficient encryption minimizes required processing and network overhead
• Modular, cloud native architecture – supports uCPE and public cloud, provides choice
• Sophisticated key management
• Turnkey solutions available
Additional resources
• Securing zero touch for uCPE deployments
• Using the Cloud to Secure the Cloud
• Security is a many-layered thing*
• Meet Anna and the future of virtualized encryption in the cloud
Thank you
IMPORTANT NOTICE
The content of this presentation is strictly confidential. ADVA Optical Networking is the exclusive owner or licensee of the content, material, and information in this presentation. Any
reproduction, publication or reprint, in whole or in part, is strictly prohibited.
The information in this presentation may not be accurate, complete or up to date, and is provided without warranties or representations of any kind, either express or implied. ADVA
Optical Networking shall not be responsible for and disclaims any liability for any loss or damages, including without limitation, direct, indirect, incidental, consequential and special
damages, alleged to have been caused by or in connection with using and/or relying on the information contained in this presentation.
Copyright © for the entire content of this presentation: ADVA Optical Networking.

The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...
 
Industry's longest holdover with the OSA 3350 SePRC™ optical cesium clock
Industry's longest holdover with the OSA 3350  SePRC™ optical cesium clockIndustry's longest holdover with the OSA 3350  SePRC™ optical cesium clock
Industry's longest holdover with the OSA 3350 SePRC™ optical cesium clock
 
Addressing PNT threats in critical defense infrastructure
Addressing PNT threats in critical defense infrastructureAddressing PNT threats in critical defense infrastructure
Addressing PNT threats in critical defense infrastructure
 
Precise and assured timing for enterprise networks
Precise and assured timing for enterprise networksPrecise and assured timing for enterprise networks
Precise and assured timing for enterprise networks
 
Introducing Ensemble Cloudlet for on-premises cloud demand
Introducing Ensemble Cloudlet for on-premises cloud demandIntroducing Ensemble Cloudlet for on-premises cloud demand
Introducing Ensemble Cloudlet for on-premises cloud demand
 
ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)
ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)
ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)
 
Sync on TAP - Syncing infrastructure with software
Sync on TAP - Syncing infrastructure with softwareSync on TAP - Syncing infrastructure with software
Sync on TAP - Syncing infrastructure with software
 
Meet stringent latency demands with time-sensitive networking
Meet stringent latency demands with time-sensitive networkingMeet stringent latency demands with time-sensitive networking
Meet stringent latency demands with time-sensitive networking
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryption
 
Quantum threat: How to protect your optical network
Quantum threat: How to protect your optical networkQuantum threat: How to protect your optical network
Quantum threat: How to protect your optical network
 
Optical networks and the ecodesign tradeoff between climate change mitigation...
Optical networks and the ecodesign tradeoff between climate change mitigation...Optical networks and the ecodesign tradeoff between climate change mitigation...
Optical networks and the ecodesign tradeoff between climate change mitigation...
 
Trends in next-generation data center interconnects (DCI)
Trends in next-generation data center interconnects (DCI)Trends in next-generation data center interconnects (DCI)
Trends in next-generation data center interconnects (DCI)
 
Open optical edge connecting mobile access networks
Open optical edge connecting mobile access networksOpen optical edge connecting mobile access networks
Open optical edge connecting mobile access networks
 
Introducing Adva Network Security – a trusted German anchor
Introducing Adva Network Security – a trusted German anchorIntroducing Adva Network Security – a trusted German anchor
Introducing Adva Network Security – a trusted German anchor
 
Meet the industry's first pluggable 10G demarcation device
Meet the industry's first pluggable 10G demarcation deviceMeet the industry's first pluggable 10G demarcation device
Meet the industry's first pluggable 10G demarcation device
 
Introducing ADVA AccessWave25™
Introducing ADVA AccessWave25™Introducing ADVA AccessWave25™
Introducing ADVA AccessWave25™
 
10G edge technology for outdoor environments
10G edge technology for outdoor environments10G edge technology for outdoor environments
10G edge technology for outdoor environments
 
The quantum age - secure transport networks
The quantum age - secure transport networksThe quantum age - secure transport networks
The quantum age - secure transport networks
 
From leased lines to optical spectrum services
From leased lines to optical spectrum servicesFrom leased lines to optical spectrum services
From leased lines to optical spectrum services
 

Recently uploaded

Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...itnewsafrica
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 

Recently uploaded (20)

Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 

Introducing ConnectGuard™ Cloud

  • 1. Introducing ConnectGuard™ Cloud (May 2018): Secure cloud connectivity for multi-cloud environments
  • 2. Overview of ConnectGuard Cloud
      • ConnectGuard Cloud technology is part of ConnectGuard family
      • First in the industry to deliver virtualized end-to-end encryption in multi-cloud environments
      • Breakthrough for service providers and enterprises that want to move away from IPSec and appliance-based solutions that are costly and inflexible
      • Military-grade encryption can be deployed on any COTS server or in a public cloud infrastructure
      • Encryption at Layer 2, 3 or 4 as needed – match the encryption to the application
      • Automated key management for operational simplicity – no need for an externally managed IKE or PKI system
      • Based on the award-winning Ensemble Connector – with zero touch provisioning capabilities, customers can roll out secure cloud connectivity to thousands of endpoints within minutes
  • 3. Agenda
      • Drivers for new encryption solutions
      • ConnectGuard™ Cloud in the ADVA portfolio
      • Benefits of ConnectGuard™ Cloud
      • Summary and additional resources
  • 4. Drivers for new encryption solutions
  • 5. When your destination is the cloud … You’ll need a secure path to get there
  • 6. Industry observations on security
      • Security threats to enterprises are real and growing
          • Threats include loss of data, compromised secrets, civil suits
          • Statutory and regulatory requirements (e.g., GDPR) are raising the importance of compliance and the cost of non-compliance
      • Appliance-based security solutions are costly, inflexible, logistically difficult and not cloud-friendly
          • Any security solution must address hybrid cloud and multi-cloud applications
      • New virtualized solutions provide a ground-breaking approach to address today's threats and limitations
          • They also open the door for complementary applications
  • 7. Encryption challenges
      • Latency: The application should determine at which layer to encrypt
      • Transparency: Support encryption over any kind of access or transport network
      • Applicability: Apply encryption at customer premises, data center or public cloud
      • Cost: Cost per encrypted bit and initial cost are important
      • Compatibility: Support services at the layer where they perform best
      • Efficiency: Encryption has an impact on resource and network utilization
  • 8. Virtual encryption delivers high-performance, flexible secure cloud connectivity (secure cloud connectivity use case)
      • Drivers for software endpoints
          • Cloud-native implementation for multiple public cloud environments where the endpoints must reside on cloud infrastructure rather than dedicated hardware appliances
          • SaaS applications in the cloud, where latency can create performance impacts
          • Regulatory requirements such as GDPR
          • Business or government networks where high-quality encryption is required
      • Dynamic encrypted networking
          • Flexible encrypted mesh for policy-based secure VPNs
          • Application-aware encryption at L2/L3/L4
          • Supports point-to-point and hub-and-spoke topologies
          • Eliminates dependence on application-level encryption
      • Security with uCPE upgrades
          • Upgrade with other security applications or enterprise apps
      • Effective cost points
          • TCO analysis demonstrates software trumps appliances
          • Turnkey option for enterprise deployments
  • 9. Secure cloud connectivity: any-to-any
      • [Diagram. Sites: public cloud #1, public cloud #2, private cloud, HQ, on-net branch, hybrid branch, off-net branch. Networks: public internet, IP-VPN (MPLS), CE L2VPN, SD-WAN hybrid WAN. Color key: encryption only / encryption + L2 tunnel.]
  • 10. ConnectGuard™ Cloud in the ADVA portfolio
  • 11. Secure connectivity across all networks
      • Secure cloud connectivity – endpoints: >1K to 100K
      • Secure VPN connectivity – endpoints: 100 to 1000
      • Secure data center connectivity – endpoints: 10 to 100
      • [Diagram labels: Cloud, Ethernet, Optical; physical connectivity, virtual connectivity, cloud connectivity; "Certified solution" (shown twice).]
  • 12. ADVA ConnectGuard™ security suite
      • Technologies | Product(s) | Application
      • ConnectGuard™ Management | FSP NM Crypto Manager | Encryption domain management
      • ConnectGuard™ Optical | FSP 3000 | Secure data center connectivity
      • ConnectGuard™ Ethernet | FSP 150 | Secure VPN connectivity
      • ConnectGuard™ Cloud | Connector Encryption, Ensemble Director | Secure cloud connectivity
  • 13. ConnectGuard™ Cloud benefits (implemented in Ensemble Connector Encryption and Director)
      • Cloud-native software encryption can be hosted on uCPE or in cloud
          • End-to-end encryption in multi-cloud environments – prevents man-in-the-middle attack vectors
          • Flexible, policy-based and application-aware secure networking – point-to-point or mesh
          • Encryption at Layer 2, 3 or 4 as needed – match the encryption to the application
          • Based on FIPS-compliant technology from Senetas
      • Compute and bandwidth efficiency
          • Greatly improved throughput, overhead and latency versus IPSec – 8-24 bytes O/H versus 76
          • Minimizes cost of hosting server – no need for hardware appliances
      • Encrypted connections can be shared by multiple applications
          • No need to rely on SD-WAN or firewall encryption
          • Encryption functionality is separated from VNFs for layered security
          • Eliminates need for piecemeal application security
      • Automated key management for operational simplicity
          • No need for an externally managed IKE or PKI system
  • 14. Why use Ensemble Connector? Connector provides cloud-native computing (Linux/KVM/OpenStack), plus:
      1. Accelerated vSwitch
      2. Carrier Ethernet 2.0
      3. Networking incl. LTE
      4. Zero touch commissioning (ZTC)
      5. Embedded cloud (OpenStack)
      6. Integrated OS with open interfaces
      7. Device scalability
      8. Telco management
      9. High availability
      10. Platform security
      11. Encryption engine
      12. Local router
      • [Diagram: two software stacks. Ensemble Connector: server (Intel Xeon® and Intel Atom®), Linux (CentOS), hypervisor (KVM/QEMU), virtual switch (Connector), VNFs/VMs, annotated with the numbered capabilities above. Standard cloud environment: server (Intel Xeon® and Intel Atom®), Linux (CentOS), hypervisor (KVM/QEMU), virtual switch (OVS and DPDK), VNFs/VMs.]
  • 15. Benefits of ConnectGuard™ Cloud: provided by Ensemble Connector Encryption
  • 16. Integrated key derivation function (KDF)
      • Integrated KDF for managing key lifecycle
      • Secure centralized key management that delivers keys from a FIPS-certified appliance
      • Automatic key updates managed with timestamps
      • Manages keys at Layer 2, 3 and 4
      • FIPS-compliant technology for multi-layer encryption
      • Random number generator with equivalent entropy to hardware platforms
      • Scales to thousands of endpoints
      • No master/slave requirement
      • Zero touch provisioning
  • 17. Flexible encryption options
      • AES-256 CTR/GCM mode
          • Confidentiality only, OR
          • Confidentiality + authentication
      • Multi-layer simultaneous encryption policies
          • Layer 2: Ethernet (MAC or VLAN)
          • Layer 3: IPv4/v6 subnets
          • Layer 4: IP + port
      • NAT passthrough
      • Netflow/Jflow support
      • Policy-based routing
      • Low overhead per packet. Best case is one third of the overhead per packet compared to military grade IPSec. Overhead:
          • 8 bytes for encryption header (sender ID, key bank, frame counter)
          • 4 bytes additional header for TCP (layer 4 encryption only)
          • 16 bytes additional authentication data (optional)
  • 18. Centralized key distribution with KDF (optional alternative to integrated KDF)
      • Single centralized platform for managing key lifecycle
      • FIPS-certified server* distributes keys to all endpoints
      • Key server is tiered and redundant for resiliency
      • Uses industry standard key management protocol (KMIP)
      • Control plane isolation
      • Scales to hundreds of thousands of endpoints
      • Policy driven by:
          • Single key management system for all data
          • Key management required on specific site
          • FIPS requirements
      • *SafeNet KeySecure or Senetas hardware encryptor as server
  • 19. Why not use IPSec? IPSec significantly impacts transmission performance. Actual measurements from live test of 1Gbit/s traffic over internet.
      • [Figure panels: IPSec over internet; Connector Encryption; plain internet.]
      • [Figure values, in page order: throughput 56% – 86%*, latency 37 – 79* ms; throughput 16% – 20%*, latency 37 – 79* ms; throughput 56% – 95%*, latency 37 – 79* ms.]
      • *Depending on frame size 64-1M bytes
  • 20. Summary and additional resources
  • 21. Summary
      • Enterprises are moving workloads into the cloud, including consumption of IaaS, PaaS, and SaaS services, in both multi-cloud and hybrid cloud models
      • Achieving multi-cloud benefits requires efficient, secure and transparent connectivity
      • Need a software solution that is compatible with uCPE and cloud deployments
          • Encrypt all the way into the cloud
          • Using low-cost uCPE servers at the customer site
          • Efficient and low-overhead encryption
      • Benefits:
          • Transport of Layer 2 traffic over Layer 2 or Layer 3 access
          • Software solution that is compatible with existing encryption deployments
          • Ability to encrypt at Layers 2, 3 or 4 depending on requirements of the application
          • Efficient encryption minimizes required processing and network overhead
          • Modular, cloud native architecture – supports uCPE and public cloud, provides choice
          • Sophisticated key management
          • Turnkey solutions available
  • 22. Additional resources
      • Securing zero touch for uCPE deployments
      • Using the Cloud to Secure the Cloud
      • Security is a many-layered thing*
      • Meet Anna and the future of virtualized encryption in the cloud
  • 23. Thank you
      • IMPORTANT NOTICE: The content of this presentation is strictly confidential. ADVA Optical Networking is the exclusive owner or licensee of the content, material, and information in this presentation. Any reproduction, publication or reprint, in whole or in part, is strictly prohibited. The information in this presentation may not be accurate, complete or up to date, and is provided without warranties or representations of any kind, either express or implied. ADVA Optical Networking shall not be responsible for and disclaims any liability for any loss or damages, including without limitation, direct, indirect, incidental, consequential and special damages, alleged to have been caused by or in connection with using and/or relying on the information contained in this presentation.
      • Copyright © for the entire content of this presentation: ADVA Optical Networking.