EncrypTight™ Appliance, 100–250 Mbps
Encrypts at OSI Layer 2, 3, or 4.
Improve security without impacting performance.
Works on the Internet or on private WANs.
Security management with drag-and-drop simplicity.
Works with all kinds of network traffic, including VoIP.
Eliminate time-consuming and complex VPN tunnels.
No delays, no jitter, no latency.
Transparent to network operation and applications.
More and more organizations are using the Internet to send data to branch offices. But because the Internet is a public network, security is an issue, so sensitive data must be encrypted. The answer is EncrypTight™, a Secure Mesh Internet solution using the EncrypTight Manager policy and key management software and our family of EncrypTight hardware encryption applications.Ability to pass encrypted data through NAT devices. VPN tunnels, which encapsulate the Layer 3 address, often don’t work with NAT.
Compatibility with policy-based routing and load balancing
that require Layer 3 addresses to be intact.
Layer 4 encryption leaves Layer 3 headers intact, making it possible to troubleshoot a network without turning off encryption.
Because headers are intact, data looks unencrypted, making it possible to use within countries that restrict encrypted data.
EncrypTight™ overcomes the limitations associated with IPsec VPN tunnels. It brings you air-tight encryption across any WAN?—even the Internet—without the hassle of setting up a VPN tunnel for each connection. Layer 4 encryption capability leaves packet headers intact, making encrypted data far more compatible with network operations. Plus, EncrypTight doesn’t add latency to bog down network operations—it’s totally transparent.
The not-so-private MPLS WAN
Many organizations don’t encrypt their data because it’s traveling on a “safe” MPLS network. Although MPLS networks provide more reliable connections than the Internet and aren’t as public, they cannot be counted upon to be private—they’re still vulnerable to attack.
MPLS is technically a VPN that mimics privacy by logically separating data with labels. Although the data traffic is kept separate from other traffic, it can still be intercepted at any node.
When vendors say MPLS is secure, what they mean is that the traffic is kept separate from other traffic, that they have processes in place to prevent unauthorized data snooping, and that their employees probably aren’t going to snoop either. In fact, your data probably won’t be stolen on an MPLS network, but you have no way of being sure and no way to tell if your data has been breached. In fact, the only way to ensure data security over an MPLS network is by encrypting data as it travels across the WAN.
Break out of the tunnel
Although IPsec VPN tunnels are fairly simple to set up between only two points, when remote sites multiply, the number of tunnels increases exponentially. A tunnel is needed between each pair of sites, leading to administrative hassles every time a remote site is added.
EncrypTight eliminates the need to establish point-to-point tunnels between each pair of remote sites, freeing network administrators
for other tasks. With EncrypTight, every network on your WAN can establish an instant encrypted connection to every other network equipped with an EncrypTight appliance.
Layer 4 encryption
In addition to Layer 2 Ethernet frame encryptions and Layer 3 IP packet encryption, EncrypTight offers a Layer 4 payload-only encryption option. Layer 4 encryption offers many advantages, including:
Manage all your EncrypTight appliances with EncrypTight Manager Software. The simple drag-and-drop interface scales seamlessly and enables you to set encryption policies based on IP addresses, port numbers, protocol IDs, or VLAN tags. You can quickly change policies across the entire WAN without interrupting network traffic. EncrypTight Manager Software generates, and securely pushes, encryption keys and policies to appliances throughout the WAN. Logging and auditing functions enable you to collect and monitor important criteria such as enforcement point status, as well as policy, password, and device configuration changes.
EncrypTight helps you comply with HIPAA, HITECH, PCI, or other industry or government data-protection standards. EncrypTight offers AES 256-bit encryption. Plus, its logging and auditing functions help you save and organize the records required by many of these standards, reducing the scope of audits with thorough recordkeeping.
Because there are no tunnels to set up, it’s easy to deploy EncrypTight across large WANs. For instance, an organization with many sites around the world could add a new site to its WAN without having to establish a VPN tunnel to every other site.
Additionally, EncrypTight Manager Software enables network administrators to centrally manage security across the entire WAN using a simple drag-and-drop interface.
For more information, download the brochure.
How to order EncrypTight:
EncrypTight Appliances come in five sizes to accommodate four different ranges of WAN interface speeds. Choose the appliance in the right range for your WAN Link: ET0005A for links of 5-Mpbs, ET0010A for links of 3–50 Mbps, ET0100A for links of 100–250 Mbps, ET1000A for links of 500 Mbps to 1 Gbps, and ET10000A for links of 2.5 to 10 Gbps. All appliances can be rackmounted. The 5-Mbps and 3–50 Mbps models can also be used as desktop units.
Then choose the EncrypTight Bandwidth License that specifically matches the WAN interface. For instance, if you have a branch office with a 10-Mbps Internet connection, order the 3–50 Mbps EncrypTight Appliance (ET0010A) and choose the 10-Mbps license (ET-BWL-10MBPS). To upgrade an existing EncrypTight Bandwidth License to a higher speed, contact our FREE Tech Support.
Each EncrypTight appliance includes EncrypTight Manager, which consists of one EncrypTight Manager software license for use on one server; one management user license, which supports one active user at a time and an unlimited number of named user accounts; documentation; and a CD containing key, policy, and device management software for EncrypTight appliances as VMware®.
To add more simultaneous active users, order EncrypTight Management User Licenses (ET-MGR-SW-USER).
Clustered servers can be added to the main server. Each additional clustered server requires an EncrypTight Cluster Server License (ET-MGR-SW-CLSTR).
If you use a disaster recovery server, you'll need an EncrypTight Disaster Recovery License (ET-MGR-SW-DR).
EncrypTight Manager is also available pre-loaded onto a hardened server (ET-MGR-HW).
For help with ordering, contact our FREE Tech Support.
For an instant 10-Mbps solution order the EncrypTight Starter Kit. It includes (2) EncrypTight Appliances (ET0010A) and (2) 10-Mbps Bandwidth Licenses (ET-BWL-10Mbps).
This product works with:
EncrypTight Bandwidth Licenses (ET-BWL-100MBPS, ET-BWL-155MBPS, ET-BWL-250MBPS)
EncrypTight Disaster Recovery License (ET-MGR-SW-DR)
EncrypTight Cluster License (ET-MGR-SW-CLSTR)
EncrypTight Management User License (ET-MGR-SW-USER)
EncrypTight Manager Server (ET-MGR-HW)
Questions? Contact our FREE Tech Support.