Zybersafe TrafficCloak nCryptor
Protection of network traffic against data breaches (securing data in motion) is typically achieved by implementing standard Layer 3 VPN/IPSec tunnels.
However, IPSec by design adds a substantial overhead to each encrypted network packet, and, because of its complexity, this compounds network inefficiencies and adds to poor performance and increased overall solution cost. This compels enterprises to look for a technology that is simpler to operate and removes complexity from the WAN solution. Performing network data encryption at the data link layer (Layer 2) ensures superior network performance, simplifies network operations and reduces the overall cost of data protection.
The Zybersafe hardware network encryption appliance offers a transparent network data encryption service at wire-speed, using the internationally recognised Advanced Encryption Standards (AES 256 bit) algorithm for securing private information. The AES 256 bit algorithm is implemented in its most secure version (AES 256-GCM), and, in combination with our patent-pending unique failsafe network security and cryptography key management, we ensure carrier-class authentication, data integrity and protection against replay attacks.
The TrafficCloak nCryptor is a powerful and efficient 1RU AES 256 bit hardware encryption appliance that is ideal for securing WAN traffic between enterprise facilities. All Zybersafe network data encryption appliances are factory-paired and pre-configured with encryption keys that are completely randomly generated from the built-in true hardware random number generator. There is no need for annoying, cumbersome encryption key management and the associated security risk. Our purpose-built AES 256 bit hardware encryption appliance provides tunnel-less data protection for any Layer 2 network and integrates easily into any existing network. The TrafficCloak nCryptor operates transparently to the network infrastructure, which ensures all traffic is encrypted without affecting network performance.
The network encryption functionality is implemented and provided at the hardware only level. This is done in order to avoid possible IP ´backdoor´ exploits. To maximise security the monitoring functionality is physically separated from the encryption engine and only transmits SNMP status traps every five seconds. The TrafficCloak nCryptor’s network ports come with high media flexibility and two pluggable SFP/SFP+ interfaces for media-specific transceiver modules. In addition, they come with direct-attach cables to enable connectivity to diverse 1 and 10 GbE fiber and copper media.
With Zybersafe’s TrafficCloak nCryptors the deployment of network encryption is no longer based on specific routers and firewalls or on which network devices you possess or control. Instead, the protection of data in motion is based on keys and purpose-built network encryption hardware that is independent of the infrastructure.
Request Technical Documentation