[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security over SONET/SDH

Subject: Security over SONET/SDH
From: jpv at veldersjes.net (JP Velders)
Date: Sat, 29 Jun 2013 12:49:37 +0200 (CEST)
In-reply-to: <CAPhg-wRrn=siuxuObG85G8w6Kgsag1qJeZC97ucZNbgnAL7kaA@mail.gmail.com>
References: <[email protected]> <CAPhg-wRrn=siuxuObG85G8w6Kgsag1qJeZC97ucZNbgnAL7kaA@mail.gmail.com>

> Date: Tue, 25 Jun 2013 06:38:23 -0600
> From: Phil Fagan <philfagan at gmail.com>
> Subject: Re: Security over SONET/SDH

> Are these private links or customer links? Why encrypt at that 
> layer? I'm looking for the niche usecase.

If I recall correctly the PCI stuff says an MPLS network is 
sufficiently safe. If I were a financial, I would mandate at the very 
least that all my communications extra-country be encrypted. Since we 
know how "young" some of the languages and protocols on which our 
financial infrastructure is built are, we can bet the house you need 
link-layer-level encryption to make that work.

Now, whether the institution puts it in place, or requires the 
international transport carrier to do so (hey, howdy, SONET/SDH) is 
another thing.

Nortel at one point had an OC192 AES256 encryption option:
http://www.igrid2005.org/media/press_09.28.05_nortel.html

In the end remember, a lot of trans/inter-national bandwidth is still 
SONET/SDH based and only slowly changing to Ethernet-like transports.

Kind regards,
JP Velders

References:
- Security over SONET/SDH
  - From: surfer at mauigateway.com (Scott Weeks)
- Security over SONET/SDH
  - From: philfagan at gmail.com (Phil Fagan)

Prev by Date: Google's QUIC
Next by Date: Google's QUIC
Previous by thread: Are undersea cables tapped before they get to ISP's? [was Re: Security over SONET/SDH]
Next by thread: Security over SONET/SDH
Index(es):
- Date
- Thread