VPN
Businesswire | July 18, 2023
The world’s efforts to secure digital communications from the threat posed by quantum computers took a significant leap forward today as a new standard for quantum-safe Virtual Private Networks (VPN) was ratified by the Internet Engineering Task Force (IETF).
The new protocol has already been used by Banque de France and Deutsche Bundesbank to secure payments messages, paving the way for full adoption by the Bank for International Settlements to secure communications between the world’s central banks.
‘Harvest Now Decrypt Later’ (HNDL) attacks currently represent the greatest quantum cybersecurity threat. These attacks see hostile actors steal encrypted data now which can be decrypted once a sufficiently mature quantum computer comes online. The new US Quantum Computing Cybersecurity Preparedness Act states that the HNDL risk presents the highest threat to humankind and stipulates that quantum migration must start now. Deploying a VPN based on new post quantum cryptography is the easiest way to protect data-in-transit from such attacks.
The new IETF standard specifies how VPNs can exchange communications securely in the quantum age. The novel approach prioritises interoperability by making it possible for multiple post-quantum and classical encryption algorithms to be incorporated into VPNs. Combining both old and new encryption is essential to ensure no disruption to the functioning of existing IT systems, and to protect data from attack by both classical and quantum computers.
This is a particularly important milestone for internet connectivity and security as we are transitioning from an era where the world relied upon just one or two algorithms (RSA and Elliptic Curve), to a situation where different nation states are deploying a wide variety of different post-quantum algorithms. This new IETF standard is the glue that allows parties using different public key encryption algorithms to talk with one another.
The new IETF standard was proposed and designed by Post-Quantum, a British cyber security company that’s built a portfolio of market-ready quantum-safe cyber security products. Post-Quantum’s own Hybrid PQ VPN uses the new IETF standard and is already in use by NATO to secure its communications from quantum attack, supporting interoperable communications between NATO members.
CJ Tjhai, CTO, Post-Quantum and original author of the new IETF standard said: “I’d like to thank all the technologists that collaborated with us on this IETF standard. Much of the focus has been on NIST’s new post quantum encryption algorithms themselves, but this is insufficient unless you have a protocol that defines how the connectivity is done. The easiest way to prevent Harvest Now Decrypt Later attacks is to deploy a PQ VPN based on the new IETF standard. NIST’s new algorithms are only useful if we have agreed standards for their use and mature products that can accommodate them.”
Andersen Cheng, Executive Chairman, Post-Quantum added: “CJ and his collaborators have completed important work that makes it possible for tech companies to build quantum-safe VPNs that communicate to one another. We are entering a period where different countries are now recommending different encryption algorithms, so engineering our communications infrastructure to be interoperable and backward compatible is absolutely crucial. That’s the value our own VPN is bringing to organisations like NATO, a diverse member organisation with a variety of post-quantum algorithms in use.
“In the commercial sector, we are pleased that Banque de France and Deutsche Bundesbank have also recently completed their project in transmitting payment messages using our protocol, which will pave the way for the Bank for International Settlements to build a complete chain of trust for central bank applications to counter any HNDL risks they already face today.”
José María Lucía Moreno, Lead Partner, EY Wavespace and a Post-Quantum partner added: “Our agreement with Post-Quantum is an important step in helping EY and its clients to become quantum-safe. We’re increasingly consulting with our clients to identify where they use traditional encryption that will need to be upgraded, and to help them prepare for the quantum era. Post-Quantum’s approach is particularly interesting because they have modular software-based products like the VPN, which can be implemented together, or as standalones within existing environments, to offer protection today.”
The IETF is the non-profit organisation with responsibility for developing the standards that define how the internet is built and used. Now that the IETF has ratified this work, VPN providers will adapt their protocols to match it, making this a defining standard for the future of cybersecurity as the world transitions from classical to new post-quantum encryption. Ratification represents the culmination of work dating back to 2017 when Post-Quantum took the lead in creating the original proposal for this standard.
About Post-Quantum
Post-Quantum is upgrading the world to next-generation encryption. Our quantum-safe platform includes modular software for Identity, Transmission and Encryption that protect organisations across their entire digital footprint. Products are interoperable, backward compatible and crypto-agile - ensuring a smooth transition to the next generation of encryption.
Post-Quantum works with organisations in defence, critical national infrastructure and financial services, including a multi-year relationship with NATO to ensure its communications are secure against quantum attack.
Read More
Virtual Desktop Tools, Server Hypervisors
Business Wire | August 31, 2023
Meter, Inc., a leader in Network as a Service (NaaS) for businesses, today announced DNS Security, built in partnership with Cloudflare, the security, performance, and reliability company. Meter DNS Security is now widely available for all Meter Network customers, expanding Meter’s existing NaaS offering and saving teams both time and money, while also improving overall network performance and security, powered by Cloudflare’s Zero Trust platform.
“With the number of devices on a network expected to triple by 2030, modern businesses and organizations demand enterprise network controls to ensure safety and peak performance for business critical functions,” said Anil Varanasi, CEO and co-founder of Meter. “Meter DNS Security is the latest example of how we’re continuing to offer our customers enterprise level networks end-to-end. Through our partnership with Cloudflare, we’re enhancing our capabilities to meet the needs of IT professionals at industrial warehouses, educational institutions, security firms, and more.”
Meter DNS Security eliminates the hassle of having multiple vendors, by providing content filtering at several layers to all customers within the Meter Dashboard in partnership with one of the best providers in the world.
“We’re proud to have Meter leveraging Cloudflare’s Zero Trust platform in a new way, offering our DNS filtering feature natively built into their Meter Dashboard,” said John Graham-Cumming, CTO, Cloudflare. “By building on Cloudflare's platform, Meter enables customers to manage their team’s operations at scale, as well as effectively enforce global corporate policies across diverse corporate spaces, such as offices, schools, and warehouses.”
In addition to the ease and scalability of Meter DNS Security, users are ensuring security through enhanced compliance by blocking access to known malicious websites and bad actors. The integration and partnership with Cloudflare provides customers with faster DNS response times, while optimizing network performance by limiting access to high-bandwidth websites and services. Real world examples of this process include, but are not limited to:
Ensuring a safe browsing environment at schools by filtering out age inappropriate content
Optimizing network performance for warehouses by filtering high bandwidth activities like video streaming
Maintaining high security and compliance standards by filtering malicious or illegal content
“Tishman Speyer has successfully partnered with Meter to streamline the networking and Wi-Fi experience for our customers,” said Simon Okunev, Managing Director and Chief Information Officer, Tishman Speyer. “The addition of Meter’s DNS Security feature, powered by Cloudflare, will further benefit our customers by providing an additional layer of security.”
About Cloudflare
Cloudflare, Inc. is on a mission to help build a better Internet. Cloudflare’s suite of products protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was awarded by Reuters Events for Global Responsible Business in 2020, named to Fast Company's Most Innovative Companies in 2021, and ranked among Newsweek's Top 100 Most Loved Workplaces in 2022.
Read More
Virtual Desktop Strategies, Virtual Server Management
businesswire | August 24, 2023
Private wireless pioneer Betacom today announced it has been selected by VMware as one of three inaugural wireless service provider partners to deploy and manage VMware Private Mobile Networks. Aimed at accelerating digital transformation at the edge, VMware, which today announced its latest edge initiatives at VMware Explore 2023 Las Vegas, tapped Betacom to help enterprises reduce the complexity associated with private mobile networks.
“Betacom is an ideal provider partner for VMware’s edge focused innovations and initiatives,” said Saadat Malik, Vice President, VMware Edge Computing. “With their dedication to security, performance, and simplicity, together we can help our customers advance their business and operational goals to not only embrace the Industrial Internet of Things but to do it efficiently and effectively and without additional resources.”
Betacom will seamlessly integrate VMware’s Private Mobile Network offering built on Edge Compute Stack into its existing private network managed service offering 5G as a Service (5GaaS), enabling rapid deployment and effortless management and orchestration of private wireless networks for enterprise clients. Betacom 5GaaS, the industry’s first fully-managed, end-to-end private wireless service, safeguards data by isolating traffic and keeping company data behind the enterprise firewall, by implementing Zero Trust design principles and Betacom AirGap Protection that features a combination of traffic segregation, 3GPP tunneling, encryption and granular access controls. Betacom delivers 24x7, 365 days a year network management from its cloud-based Security and Service Operations Center (SSOC).
The new VMware Edge Compute Stack can support multiple use cases at the edge including deployments in the manufacturing, retail, campus and healthcare sectors for a wide variety of applications. For manufacturing customers, the solution supports software-defined manufacturing, predictive maintenance, inventory management, safety and security. For healthcare customers, it provides support for IoT wearables, smart utilities and surgical robotics.
“We are excited to partner with VMware in support of its latest technology offering, which enables all the edge functions necessary to facilitate Industry 4.0,” said Johan Bjorklund, CEO of Betacom. “Clients are looking for high-performance, low-latency solutions that are ideal for optimizing automation, data collection and the Internet of Things, and that is exactly what VMware Private Mobile Networks is designed to deliver through our partnership.”
About Betacom
Betacom offers the first fully-managed private 5G network service, building on its long history as a wireless infrastructure provider to AT&T, T-Mobile, and Verizon. Founded in 1991 and headquartered in Bellevue, Washington, the company has regional offices throughout the country. Having completed more than 800 large-scale design and deployment projects, Betacom inspires confidence among their customers who have worked closely with them to meet their pressing high-performance connectivity needs. Its secure private 5G wireless service is the first managed service of its kind in the United States.
Read More