VPN
Businesswire | July 18, 2023
The world’s efforts to secure digital communications from the threat posed by quantum computers took a significant leap forward today as a new standard for quantum-safe Virtual Private Networks (VPN) was ratified by the Internet Engineering Task Force (IETF).
The new protocol has already been used by Banque de France and Deutsche Bundesbank to secure payments messages, paving the way for full adoption by the Bank for International Settlements to secure communications between the world’s central banks.
‘Harvest Now Decrypt Later’ (HNDL) attacks currently represent the greatest quantum cybersecurity threat. These attacks see hostile actors steal encrypted data now which can be decrypted once a sufficiently mature quantum computer comes online. The new US Quantum Computing Cybersecurity Preparedness Act states that the HNDL risk presents the highest threat to humankind and stipulates that quantum migration must start now. Deploying a VPN based on new post quantum cryptography is the easiest way to protect data-in-transit from such attacks.
The new IETF standard specifies how VPNs can exchange communications securely in the quantum age. The novel approach prioritises interoperability by making it possible for multiple post-quantum and classical encryption algorithms to be incorporated into VPNs. Combining both old and new encryption is essential to ensure no disruption to the functioning of existing IT systems, and to protect data from attack by both classical and quantum computers.
This is a particularly important milestone for internet connectivity and security as we are transitioning from an era where the world relied upon just one or two algorithms (RSA and Elliptic Curve), to a situation where different nation states are deploying a wide variety of different post-quantum algorithms. This new IETF standard is the glue that allows parties using different public key encryption algorithms to talk with one another.
The new IETF standard was proposed and designed by Post-Quantum, a British cyber security company that’s built a portfolio of market-ready quantum-safe cyber security products. Post-Quantum’s own Hybrid PQ VPN uses the new IETF standard and is already in use by NATO to secure its communications from quantum attack, supporting interoperable communications between NATO members.
CJ Tjhai, CTO, Post-Quantum and original author of the new IETF standard said: “I’d like to thank all the technologists that collaborated with us on this IETF standard. Much of the focus has been on NIST’s new post quantum encryption algorithms themselves, but this is insufficient unless you have a protocol that defines how the connectivity is done. The easiest way to prevent Harvest Now Decrypt Later attacks is to deploy a PQ VPN based on the new IETF standard. NIST’s new algorithms are only useful if we have agreed standards for their use and mature products that can accommodate them.”
Andersen Cheng, Executive Chairman, Post-Quantum added: “CJ and his collaborators have completed important work that makes it possible for tech companies to build quantum-safe VPNs that communicate to one another. We are entering a period where different countries are now recommending different encryption algorithms, so engineering our communications infrastructure to be interoperable and backward compatible is absolutely crucial. That’s the value our own VPN is bringing to organisations like NATO, a diverse member organisation with a variety of post-quantum algorithms in use.
“In the commercial sector, we are pleased that Banque de France and Deutsche Bundesbank have also recently completed their project in transmitting payment messages using our protocol, which will pave the way for the Bank for International Settlements to build a complete chain of trust for central bank applications to counter any HNDL risks they already face today.”
José María Lucía Moreno, Lead Partner, EY Wavespace and a Post-Quantum partner added: “Our agreement with Post-Quantum is an important step in helping EY and its clients to become quantum-safe. We’re increasingly consulting with our clients to identify where they use traditional encryption that will need to be upgraded, and to help them prepare for the quantum era. Post-Quantum’s approach is particularly interesting because they have modular software-based products like the VPN, which can be implemented together, or as standalones within existing environments, to offer protection today.”
The IETF is the non-profit organisation with responsibility for developing the standards that define how the internet is built and used. Now that the IETF has ratified this work, VPN providers will adapt their protocols to match it, making this a defining standard for the future of cybersecurity as the world transitions from classical to new post-quantum encryption. Ratification represents the culmination of work dating back to 2017 when Post-Quantum took the lead in creating the original proposal for this standard.
About Post-Quantum
Post-Quantum is upgrading the world to next-generation encryption. Our quantum-safe platform includes modular software for Identity, Transmission and Encryption that protect organisations across their entire digital footprint. Products are interoperable, backward compatible and crypto-agile - ensuring a smooth transition to the next generation of encryption.
Post-Quantum works with organisations in defence, critical national infrastructure and financial services, including a multi-year relationship with NATO to ensure its communications are secure against quantum attack.
Read More
Server Hypervisors, Vsphere
prnewswire | August 29, 2023
Napatech™ (OSLO: NAPA.OL), a leading provider of programmable Smart Network Interface Cards (SmartNICs) and Infrastructure Processing Units (IPU) used in cloud, enterprise and telecom datacenter networks, today announced the availability of the Napatech's first 400Gbps programmable SmartNIC solutions, leveraging the latest Intel Agilex® 7 FPGAs to deliver best-in-class performance for applications in security, cloud services, network monitoring and recording.
Enterprises and OEMs providing high-performance solutions for network monitoring and recording require NICs with a performance level that matches the high PCI Express (PCIe) bandwidth available in the latest servers such as those based on 4th Gen Intel Xeon® Scalable Processors. The new Napatech NT400 SmartNIC platform, based on the Intel® FPGA SmartNIC N6000-PL Platform, addresses this need through a PCIe Gen 4 16-lane host interface which enables full-duplex 2x100Gbps traffic between network ports and host applications. Similarly, for applications like the 5G packet core in telecom infrastructure that require high-bandwidth inline processing of network data, the NT400 platform sustains a total 400G of traffic over tens of millions of flows.
The NT400 programmable SmartNIC platform includes two QSFP56 network ports, supporting up to 2x200G traffic with the flexibility to configure 10G, 25G, 40G, 50G, 100G and 200G network links. The SmartNIC hardware is complemented by Napatech's portfolio of production-grade software packages, including Link-Capture™ for use cases such as network monitoring and recording, Link-Virtualization™ that provides a virtualized data plane for cloud services and Link-Inline™ for inline applications such as 5G User Plane Function (UPF). These integrated solutions deliver a true "IT experience" whereby the user just installs the card and the software, immediately achieving seamless acceleration of their application with no requirement to directly program the SmartNIC itself.
At the core of the NT400 platform is the Intel Agilex 7 FPGA F-Tile chiplet, which incorporates a configurable, hardened Ethernet protocol stack for supporting rates from 10G to 400G. Napatech chose the Intel Agilex 7 FPGA for a host of reasons, including scalability options that allow support for five different configurations that meet various price, performance, power and feature goals, tailored to specific customer applications and use cases. The F-Tile features are critical in enabling the NT400 to operate within the space and power limitations of standard servers deployed in network appliances, data centers and edge locations.
"As the networking landscape continues to evolve, SmartNICs emerge as the predominant growth catalyst in the expansive NIC market, poised to reach $3.3 billion annually by 2025" said Manoj Sukumaran, Principal Analyst for Datacenter Compute and Networking at Omdia. "High bandwidth programmable Ethernet adapters require very fine optimization in hardware and software to ensure deterministic and predictable processing time and making them suitable for real-time networking applications. Napatech is among the very few vendors who could provide highly optimized SmartNICs and software solutions leveraging FPGAs from vendors like Intel, and deliver highly efficient network offload capabilities" he added.
"The NT400 platform represents the latest generation within our portfolio of SmartNIC solutions," said Jarrod Siket, Chief Marketing Officer at Napatech. "We will deliver multiple SKUs based on this platform, providing products with memory configurations as well features like time synchronization and management ports that are precisely tuned to the requirements of our customers' applications, all packaged with the applicable production-grade software."
"We are delighted to see Napatech choose the Intel Agilex 7 FPGA for their leading-edge SmartNIC solutions," said Mike Fitton, Vice President Programmable Solutions Group and General Manager, Network Business Division at Intel. "The combination of our FPGAs, which deliver high performance, and power efficiency plus a rich feature set for the most demanding applications, together with Napatech's production-grade hardware and software, helps ensure that customers can deliver leading solutions for a wide range of enterprise and telecom applications."
About Napatech
Napatech is the leading supplier of SmartNIC solutions used in cloud, enterprise, and telecom datacenters. Through commercial-grade software suites integrated with high-performance hardware, Napatech accelerates network infrastructure and security workloads to deliver best-in-class system-level performance while maximizing the availability of server compute resources for applications and services.
Read More
Cloud, Containers, Virtualized Environments
PR Newswire | June 29, 2023
StackPath, the industry-leading edge computing platform, today announced support for using Virtual Kubelet (VK), an open-source Kubernetes (K8s) technology, with StackPath Edge Compute Containers. With VK support, developers and operators can seamlessly integrate StackPath Containers (SP// Containers) into multi-cloud K8s clusters and manage them as part of their worker node deployment using standard K8s APIs/management consoles.
"Virtual Kubelet support delivers on all three of our core product values: speed, decentralization, and simplification," said Tom Reyes, Chief Product Officer for StackPath. "Nearly all internet-centric applications are distributed, latency-sensitive, and meant for multi- or hybrid-cloud deployment. Virtual Kubelet, paired with our edge compute, is the perfect solution. VK lets clusters span clouds without additional management overhead. StackPath gives those clusters more geographic diversity and higher proximity to data sources and destinations. We couldn't be happier to join the VK community as an official infrastructure provider."
Sponsored by the Cloud Native Computing Foundation, Virtual Kubelet is a revolutionary open-source technology transforming how companies approach Kubernetes clusters. Installed on a K8s cluster's control node, VK enables the control node to integrate and communicate with compute resources in other networks and platforms. The K8s cluster's administrator can centrally manage the entire cluster, regardless of where and how many other resources have been integrated.
No other VK provider offers complete compute containers with the physical proximity to end-users and on-premises networks as StackPath. Data can reach or be delivered from StackPath Edge Compute instances up to 300% faster than similar instances in hyperscale cloud data centers, providing exceptional speed and responsiveness for businesses' B2C, B2B, and even internal workloads.
"If you already use K8s and want to go to the edge, no need to rip and replace; just skip right to a better-performing application. Or if you held off leveraging K8s because you couldn't afford the latency or complexity, wait no more.," said Mr. Reyes. "The cloud is complicated enough with too much room for runaway costs and inadequate performance. StackPath and VK have the perfect combination of easy-to-use and familiarity. Keep using your same Kubernetes API server and API calls. We'll keep care of the infrastructure."
About StackPath
StackPath is a cloud platform built at the internet's edge, providing infrastructure and services physically closer to the source or destination of data than hyperscale cloud service providers. StackPath Edge Compute (including virtual machines and containers), Edge Delivery (including CDN and serverless scripting), and Edge Security (including WAF and L3-L4, L7 DDoS Protection) solutions run in edge locations strategically deployed in high-density markets and united by a secure global network and a single management system. Customers ranging from Fortune 50 enterprises to one-person startups trust StackPath to give their latency-sensitive workloads and real-time applications the speed, security, and efficiency they require.
Read More
Virtual Desktop Strategies, Backup and Disaster Recovery
businesswire | August 04, 2023
Kinetic Business, a leading network technology provider, has launched a new cybersecurity product, Managed Detection and Response (MDR), designed exclusively for business customers. The all-in-one security solution protects business data, network, applications, and users from evolving and sophisticated cyber threats.
As cyberattacks become more frequent and complex, companies of all sizes are struggling to keep up with the ever-changing threat landscape. Kinetic MDR unifies stand-alone services, including firewalls, content filtering, and a 24/7 Security Operations Center (SOC) into one robust threat management system, making network security easy and accessible for businesses.
Kinetic MDR provides a proactive approach to cybersecurity by continuously monitoring and analyzing network activity, detecting and responding to potential threats, and providing remediation strategies. It takes the burden of security management off a business by integrating a firewall, intrusion prevention, and continuous monitoring. This offers the reporting and compliance posture businesses need.
“In today’s digital world, data security has to be a top priority for companies, no matter their size, industry, or location,” said Marc Dyman, executive vice president of Kinetic Business and Kinetic Wholesale. “We know cyberattacks are on the rise and that it’s not a question of if an attack will happen, but when. Companies need to have sufficient security measures, but they don’t have to go it alone. We’re proud to offer a comprehensive solution backed by global leaders in the security sector.”
Kinetic MDR features an award-winning firewall and a dedicated Security Operations Center (SOC) from silversky,a leader in the cyber defense space.
Kinetic Business customers can benefit from:
Monitoring: Complete visibility and control over cyber threats, backed by a dedicated team of experts (SOC) available 24/7/365
Management: Upgrades and patch management for hardware, weekly reporting, and a user-friendly customer portal
Response: An intrusion prevention system, security information and event management, as well as web content filtering for malware and bad actors
Automated security services (anti-virus) to stop advanced threats and disruptions
“The consequences of a data breach can be devastating for a small business, including loss of revenue, damage to reputation, and legal liability,” said Cary Conrad, president of SilverSky. “Kinetic’s offering not only secures data and reduces the risk of hacks and breaches; it also reduces the daily burdens and activities of a company’s IT team.”
About Kinetic Business
Kinetic by Windstream is a business unit of Windstream, a privately held communications and software company. Kinetic provides premium broadband, entertainment and security services through an enhanced fiber network to consumers and businesses primarily in rural areas in 18 states. The company also offers managed communications services, including SD-WAN and UCaaS, and high-capacity bandwidth and transport services to businesses across the U.S. Additional information is available at KineticBusiness.com.
About SilverSky
Today’s organizations are playing catch-up, chasing alerts with a scarcity of experienced people, time, and budget. It’s time to change the rules of engagement with SilverSky, the world’s leading Managed Detection and Response platform for threat detection, log management, and response. SilverSky gives our customers enhanced Vision, Velocity, and Vigilance. The Vision to be an advanced technology company, developing the depth and complexity of analysis to shield them from cyber risk, regardless of their size or journey. The Velocity to attack cyber risk at light speed, constantly ramping up our rate of learning, and slashing the time to detect and respond. The Vigilance to combine deep human experience, military-grade behavioral tracking, and machine learning, to protect our customers’ attack surface as vigorously as their bottom lines. By delivering consistently on these values, our SOC teams’ customer satisfaction rating is over 98% globally.
Read More