Escolar Documentos
Profissional Documentos
Cultura Documentos
#NetworkSecurity
Todays Speakers #NetworkSecurity
2
#NetworkSecurity
4 Case Studies
5 Nokia Approach
6 Conclusions
7 Audience Q&A
3
The Threat Is Real - And the Stakes Are High
Motivations Behind Attacks
September 2016
Cyber
Hacktivism Espionage
11.3% 4.2%
Cyber Warfare
4.2%
Cyber Crime
80.3%
Source: hackmageddon.com
4
Notable Recent Breaches (Impacting Millions of Records)
80m 55m
145m 77m
70m 76m
Source: InformationisBeautiful.net
5
Breaches Pose Substantial Financial Risk and More
FINANCIAL CREDIBILITY
$252m
Direct cost ($M)
$161m
$100m
Healthcare: Delivery of patient care, loss of confidence
$39m
0 100
Records lost or stolen (m)
Source: InformationisBeautiful.net
6
Transformations Driving Cybersecurity Tech
Device Rationalizing
proliferation defense
Evolving New
threats architectures
7
The Rise of 100G and Beyond
How to Deliver Network Security in a Multi-petabit World?
Annual Deployed Telecom Bandwidth and YoY Change
125 100%
100
Transmission Capacity
75%
(Petabits/sec)
75
50%
50
25%
25
0 0%
CY14 CY15 CY16 CY17 CY18 CY19 CY20
4 Case Studies
5 Nokia Approach
6 Conclusions
7 Audience Q&A
9
Implementing a Defense-in-depth Strategy
From Application to Layer 1 Security
Transport
SSL/TLS encryption
Layer 1 security is an
integral part of a multi- Application
layered defense strategy
10
Why Secure at Layer 1?
11
Moving Towards a 100G Connected World
100G 100G
Fixed/mobile New level of Large enterprises
IP video scale required Content providers
Cloud/IT Comms providers
10G 10G
IoT Strategic industries
Better wavelengths
Efficient wavelengths
More wavelengths
Secure wavelengths
12
Easily Adding Layer 1 Encryption to Existing Networks
IT operations Security operations
LAN LAN
Ethernet Ethernet
FC
SAN FC
DWDM METRO SAN
AND LONG HAUL
@ 100G
HPC HPC
InfiniBand InfiniBand
13
Optical Transport Security Mechanisms
Wavelength monitoring OTDR the fingerprint Key strength & management
Key authority
Allows power and fiber Detect and localize Protect your data and
monitoring and reporting precisely any anomalies investment with a strong
for each wavelength on fiber network quality key
Day 1
14
#NetworkSecurity
4 Case Studies
5 Nokia Approach
6 Conclusions
7 Audience Q&A
15
Security and Encryption The Typical House Lock Analogy
Illusion of Security
17
Comparative Key Strength
Symmetric vs. Asymmetric Algorithms
18
Cryptographically Sound Solutions Ensure
Key Quality for the Future
Must Balance Cipher and Key Strength
Comparison of conventional and quantum security
levels of some popular ciphers
Algorithm Key Effective key strength/security level
length
Conventional Quantum
computing computing
RSA-1024 1013 bits 80 bits 0 bits
RSA-2048 2048 bits 112 bits 0 bits
ECC-256 256 bits 128 bits 0 bits
ECC-384 384 bits 256 bits 0 bits
AES-128 128 bits 128 bits 64 bits
AES-256 256 bits 256 bits 128 bits
19
Key Management Comparison
Centralized Distributed
Key Key
manager manager
Key
manager
Key Key
manager manager
20
Insist on Independently Certified Solutions
Validated against
open security
Standard standards
criteria
21
#NetworkSecurity
4 Case Studies
5 Nokia Approach
6 Conclusions
7 Audience Q&A
22
Security Is Essential to All Mission-critical Networks
Enterprise WAN
Security
Healthcare: telemedicine, telehealth
Confidentiality
Utilities: smart grid, teleprotection integrity
and SCADA availability
23
Case Study 1: Private Mission-critical Network
Profile Key requirements: Solution:
National grid operator in Highly reliable grid Provides the highest level of
Europe connecting over communications reliability, safety, and security
1,200 nodes for sub- Full support of SCADA and across the entire grid
station communications teleprotection
Secure transport
Distribution
Secure optical transport with low latency L1
encryption and optical intrusion detection
24
Case Study 2: National Bank Mission-critical Network
Profile Key requirements: Solution:
National bank connected Low latency for synchronous Provides a highly reliable,
to private banks and replication scalable and secure network
Eurosystem (European High security (encryption) supporting all mission-critical
banking network) applications
Service migration to a new
data center
Data center Data center Scalable network with high SLA supporting
mission-critical applications
25
#NetworkSecurity
4 Case Studies
5 Nokia Approach
6 Conclusions
7 Audience Q&A
26
Nokia Secure Optical Transport Solution
Certified Layer 1 Encryption with Trusted Centralized Key Management
Nokia 1830 Security Management Server
Effective Layer 1 encryption
Optical intrusion detection Microwave
Centralized, unified key mgmt. Network
Fully independently certified 9500 MPR
(Common Criteria, ANSSI, NIST)
27
#NetworkSecurity
4 Case Studies
5 Nokia Approach
6 Conclusions
7 Audience Q&A
28
Summary
29
#NetworkSecurity
4 Case Studies
5 Nokia Approach
6 Conclusions
7 Audience Q&A
30
Audience Q&A #NetworkSecurity
31
Thank You
This webcast will be available on-demand for 90 days.
Follow us on Twitter:
@IHS | @IHS4Tech | @IHS4TechEvents