High-speed network virtualisation is increasingly used to deliver cost-effective scalability, flexibility and network management. Consequently, network services require trusted, virtualised encryption for maximum data security.
In response, Senetas developed CV Series virtualised encryption for virtual customer premises equipment (CPE) and wide area networks; providing the same agility as the networks it protects.
Scalable to thousands of end-points, the CV1000 is a software application of the trusted high-assurance Senetas CN Series hardware encryption appliances. The CV1000 delivers cost effective policy-based multi-Layer data protection at up to 5Gbps.
The Senetas CV1000 has designed-in flexibility also enabling deployment by telecommunications and service providers to provide the strongest encryption security to the “virtual edge” of your WAN and SD-WAN networking solution.
In this guide, we provide a detailed description of the features and benefits of Senetas CV Series Virtualised Encryption.
CV1000 Virtualised Encryption
The CV1000 is the first crypto-agile Virtualised Network Function (VNF) designed for large-scale, virtualised WAN/MAN encryption.
Today’s multi-Layer network environments are supported through network independent encryption, delivering concurrent, multi-Layer encryption security (Layers 2, 3 and 4).
Whatever the network Layer architecture – Layers 2, 3 and 4 – the CV1000 will provide strong encryption, and the centralised management tool enables policy settings to meet varying multi-Layer customer security requirements.
CV1000 at a glance
Performance: Up to 5Gbps (subject to host and DPDK acceleration configuration).
Security: VNF end-to-end encryption for all topologies.
Protocols: Virtualised encryption for CPE and virtual networks.
Network Independent: Policy-based, concurrent multi-Layer encryption (Layers 2, 3 and 4).
Topologies: All – Point-to-point, Multi-Point, Hub and spoke, Fully meshed.
Certification: FIPS 140-2 (in progress).
Like any virtualised solution, the performance of the CV1000 is dependent upon host and hypervisor configuration. Performance is also customer target specific and dependent upon operating environment and platform. The CV1000 supports DPDK acceleration.
Recommended minimum requirements (with DPDK) for up to 5Gbps:
- Multi-Core Processor (3 cores)
- 2GB RAM
- 1GB Virtual Disk Storage (subject to image storage requirements)
Network Transport Layer Independent Encryption
Network Independent Encryption meets the demands of modern network architectures. It provides concurrent encryption of data at network Layer 2, 3 or 4. The flexible encryption policy allows customer selection of the most appropriate network Layer to encrypt their data. Data is always encrypted at the most secure and efficient network Layer.
Senetas CV Series virtualised encryption also provides network-agnostic end-to-end encryption for organisation-wide data protection.
The Senetas CV Series is an optimal security solution for virtualised CPE and WAN infrastructure, all the way to the virtual edge. As a VNF the CV1000 is a fully operational software equivalent of the trusted Senetas CN Series of hardware encryptors.
Customers also benefit from the 100% interoperability among the CV Series virtualised and CN Series hardware encryption solutions. The CV1000 provides a flexible and cost-effective encryption security solution for large-scale WAN.
Senetas CV Series encryptors are distributed and supported internationally (outside Australia and New Zealand) by Thales.