- Cryptographic Key Management for the Cloud
- Encryption Solutions for the Cloud
- Virtual Network Encryption
As the industry’s first crypto-agile Network Function Virtualization (NFV) encryption solution, the CV1000 is designed for for extended WANs and SD-WANs. The CV1000 protects data-in-motion across high speed Carrier WAN links up to 5 Gbps.
Virtualized encryption functions provide the scalability, simplicity, flexibility, and cost-efficiencies demanded by IT and data networks managers. The CV1000 offers organizations an operational and expense friendly alternative to using a hardware appliance for securing data in motion across networks and meeting security and compliance requirements.
By using a virtual encryptor instead of a hardware appliance, organizations can remotely scale up network encryption to meet increased capacity demands or quickly make policy changes across multiple networks, while eliminating the cost for additional rack space.
Instant scalability means it may be deployed rapidly across hundreds of network links, providing robust encryption protection for data-in-motion. Designed to match flexibility and scalability of other Virtual Network Functions (VNFs), such as virtual routers, switches and firewalls, the CV1000 is completely transparent to the network; making it the ideal solution to secure your WAN or SD-WAN, right to the virtual edge.
The CV1000 is the first high speed encryptor to offer Transport Independent Mode. It is network layer independent (Layer 2, Layer 3, and Layer 4) and protocol agnostic. By supporting Layer 3, the CV1000 offers network operators more configuration options using TCP/IP routing for securing critical data. Because it’s software-controlled, the CV1000 enables greater flexibility and responsiveness in network architecture, as well as opportunities to expand the network scale quickly.
The CV1000 protects network communications at speeds of up to 5 Gbps encrypted bandwidth, when optimized in the network. The CV1000 leverages the SafeNet CN Series Ethernet encryptor platform, to maximize available bandwidth and minimize latency. Importantly, the CV1000 is transport layer agnostic and enables concurrent multi-layer encryption, making it an ideal solution for extended virtualized network security.
With integrated support for KeySecure for Government (a centralized cryptographic key management solution), the CV1000 provides optimum security for the storage of master keys, the integrity of critical security policies and the source of entropy (randomness) for cryptographic key generation
|Virtual Network Function (VNF) - Hosting Guide|
|Network data encryptor type||Virtualized Network Encryption Solution (Layer 2-4), hosted on x86 platform|
|Bandwidth / performance||>1Gbps. Up to 5Gbps subject to host and DPDK (acceleration) configuration.|
|Customer environment and performance||CV1000 is customer host and target specific - performance dependent upon customer targets, environment and platform|
|Virtual appliance - Host: hardware requirements||Host hardware agnostic - x86 Recommended:
|Appliance - Host CPU requirements||Compatible with all types|
|Hypervisor support||VMware, KVM, Microsoft Hyper-V. Other platforms may be supported.
|Supported topologies||Point-to-point, hub and spoke, fully meshed|
|Interoperability||Fully interoperable with all SafeNet High Speed Encryptor CN Series hardware encryptors|
|Maximum number of connections||500+|
|Encryption algorithms||Symmetric Cryptography:Symmetric Cryptography:
|Policy based encryption||
|Crypto-agility||Support for custom curves, custom algorithms and entropy|
|Authentication||Certificate based (X.509)|
|In-band/out-of-band management||Console Command Line Interface (CLI)
|Virtualized network interfaces||Three para-Virtualized (virtio/vmxnet3) NICs:
|Virtualized hosting environment||Supports:VMware, KVM/QEMU, Hyper-V, Virtual Box, Intel DPDK|
|Cloud management platform||Supports:OpenStack|
|CV1000 management application||SafeNet Encryptor Manager CM7 Included; SafeNet Security Management Center (SMC)|
|Centralized key server support||Customer determined optional support for KeySecure for Government- centralized cryptographic key management solution (master key security and random number generation)|
|Licensing CV1000 software||Flexible model choice:
|CV1000 Virtual Encryptor Product Brief
Product overview with technical features and specifications.
|CV1000 Virtual Encryptor Data Sheet
Detailed look into the CV1000 featuring use cases, product benefits, and more.
|Best Practices for Securing Network Function Virtualization Environment
Detailed look at the unique security implications of adopting NFV approaches, and it provides a number of best practices to employ to ensure sensitive data and transmissions remain secure in these environments.
Key CV1000 highlights.