Risk
11/12/2006
11:55 AM
Connect Directly
RSS
E-Mail
50%
50%

CipherOptics Intros Policy & Key Manager

CipherOptics announces the availability of the CipherEngine Policy & Key Manager

RALEIGH, N.C. -- CipherOptics, the leading innovator of Compliance Grade™ data protection solutions, today announces the availability of the CipherEngine™ Policy & Key Manager, a breakthrough software-based solution that eliminates the complexity of policy/key management and the scalability issues associated with traditional encryption. Based on the CipherOptics Policy & Key Management Architecture™ (PKMA), CipherEngine offers a first-of-its-kind network service for the generation and distribution of policies and keys. This allows organizations to achieve the highest level of data protection and regulatory compliance without having to change their underlying network infrastructures; without negatively impacting network or application performance; and, without increasing management or operational costs.

“On the highly complex and large-scale network infrastructures that AT&T designs and delivers worldwide, the limitations of legacy encryption solutions were a significant challenge to meeting our customer needs for enhanced network-wide encryption and data protection,” said Ron Howell, Sr. Network Architect for AT&T. “Excessive network complexity leads to reduced overall network availability and reliability. CipherOptics’ CipherEngine product offers AT&T and our customers an innovative approach to policy and key management that has alleviated the management, scalability and performance burdens associated with strong encryption while still providing our customers with the highest levels of protection possible. AT&T Networks worldwide can be more secure and more reliable when we utilize the CipherOptics’ CipherEngine technology.”

Until now, organizations had to choose between security best practices, which dictated encryption of all data in motion, and networking best practices which, among other things, dictated the ability to load balance and dynamically route traffic over redundant paths. With the release of CipherEngine, organizations no longer have to choose between the two. CipherEngine makes encryption possible over any network topology regardless of size, and does so without sacrificing any networking best practices.

“For years, organizations have been held at bay by encryption barriers caused by policy and key management,” said Jon Oltsik, Senior Analyst for ESG. “Now with CipherOptics’ CipherEngine, organizations will be able to secure data across the entire network without the traditional challenges associated with large-scale encryption deployments.”

CipherEngine provides an evolving platform for technology vendors and network providers, delivering security services on an enterprise-wide scale without the complexity or compromise associated with other solutions. CipherEngine also empowers large enterprises, financial institutions, healthcare providers and government agencies to secure their data as it has never been possible before and on scales never before achievable with traditional encryption technologies.

CipherEngine also provides excellent investment protection for network managers. For organizations that have made significant investments in network infrastructure, CipherEngine allows them to get the full performance out of their investments by offloading the complexity and processing burdens of wide-scale encryption to the CipherEngine, which enables network best practices to be maintained without impacting network deployments or application performance.

“In solving encryption problems for large enterprise customers and government agencies, our customers worked with us and challenged us to overcome the policy/key management problems and scalability issues they faced with existing approaches,” commented Ron Willis, President and CEO of CipherOptics. “We studied the problem and delivered an evolutionary approach to improving network-wide encryption that has led to revolutionary results. We now provide a way for organizations to manage policies and keys across the entire network, which allows encryption to scale as never before.”

CipherOptics Inc.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.