IPsec Security Gateway

Three functions to secure IP traffic

IP traffic is vulnerable to attack whenever it travels across an unsecured or third-party network. Even in secured networks, transport links can be tapped, and insiders pose a risk.

The Nokia 7750 Service Router (SR)-based Security Gateway and Nokia NetGuard Certificate Manager (NCM) provide IP security (IPsec) protection with three essential functions:

• Authentication, which ensures that the sender and receiver are who they say they are
• Integrity, which ensures that the data that is received matches the data that was sent
• Confidentiality, which ensures that no one can read the data as it is being transmitted

Security Gateway

The Security Gateway lets you set up secure tunnels between network endpoints and encrypts traffic so that it can pass safely across these tunnels. It is a feature of the Nokia Service Router Operating System (SR OS) and runs on the 7750 SR platforms. The Security Gateway is also available as a virtualized network function on the Nokia Virtualized Service Router (VSR) for implementation in a cloud architecture. Both options provide the industry’s highest capacity and throughput. 

Certificate management

IPsec requires digital certificates for authentication. Based on a trusted certification authority, NCM manages the entire lifecycle of a digital identity in a standardized and secure way. It simplifies and secures this process by setting up a public key infrastructure (PKI) according to the 3GPP TS 33.210, 33.310 and 33.401 standards.

With NCM, you can ensure the safe authentication of users, devices, applications and systems without the need for tokens, passwords or other non-standardized authentication schemes. Its distributed architecture supports over 100 million active certificate deployments.