If you need help, please click here:
Data is the lifeblood of enterprises across diverse fields — including finance, government, law, and healthcare — and any loss or leak can lead to substantial loss of capital, business risks, and reputational damage.
But fiber isn't 100% secure. During normal signal transmission, when fibers are bent to a certain extent, signals in fibers can be collected using special devices without damaging fibers or affecting signal transmission.
To mitigate these threats, the industry's traditional encryption practices are encrypting data packets at layer 2 (Encrypted Ethernet), layer 3 (IPsec), and layer 4 (SSL/TLS). The implementation is simple, but the shortcomings are large latency, small throughput, less ports, and low speeds.
Compared with the traditional encryption solutions, an encryption channel based on the physical layer — layer 1 —has advantages to guarantee security while ensuring minimal impact on latency, bandwidth, and service speeds.
The Huawei OptiXtrans L1 Service Encryption Solution is designed to meet such needs. Applying the RFC 2631 protocol and following the FIPS PUB 197 standard, the solution consists of OptiXtrans equipment, encryption boards, a Security Management Tool (SMT) , and a Network Management System (NMS) such as Huawei's iMaster NCE network management system.
Using transport devices to transparently transmit client services, supporting port-level service encryption, the solution adds security to optical fiber networks, all while reliably supporting a range of services, causing only negligible changes to bandwidth usage and latency.
The solution has been recognized by the National Institute of Standards and Technology (NIST) Cryptographic Algorithm Validation Program and has earned Common Criteria (CC) Evaluation Assurance Level (EAL) 3+ certification.