Secure Optical Transport
Secure in-flight data
Modern enterprises, government agencies, network operators, and service providers rely on business-critical data. With the increasing value of confidential data transmitted across networks, confidential data has become ever more attractive to thieves and intruders. Consequently, the number of attacks and breaches continues to rise. In response, network operators must secure their networks to protect in-flight data and guard against network intrusions.
The Nokia Secure Optical Transport solution protects data from theft through a set of technologies that address security threats cost effectively and in a manageable way. The solution implements physical layer quantum-safe encryption with centralized, symmetric key management. This provides network operators with a first line of defense, ensuring that all transmitted data is encrypted and rendered useless if it falls into the wrong hands.
At the heart of the solution is the Nokia 1830 Security Management Server (SMS), a central key generation server that supports encryption engines in various network elements. This includes select interfaces on the Nokia 1830 Photonic Service Switch (PSS) and Nokia 1830 Photonic Service Interconnect (PSI) platforms. Together, the solution offers high-capacity, encrypted optical DWDM connectivity and optical intrusion detection. This improves the confidentiality and integrity of data, as well as the availability of business-critical applications.
To protect against attack from a quantum computer, the Nokia 1830 SMS comprises a powerful processor and security enhanced operating system to generate high-quality keys from physical spawned entropy. These keys are pre-shared to encryption engines across the network in a centralized, symmetric architecture.
Combined with optical intrusion detection tools, including the Nokia Wavelength Tracker and Optical Time-Domain Reflectometer (OTDR) capability, network operators can localize issues and detect intrusions through variations in power levels. This improves network security while retaining the flexibility to support a wide range of applications and services, including:
- Data center interconnect
- LAN interconnect
- High-performance computing
- Wavelength services
- Carrier Ethernet services