Enhanced Peace of Mind with Strong Security
All networks are exposed to security risks that can escalate very quickly to cause significant damage to network operators and users. Network security will involve microwave radio security where wireless links are part of the network, and standardized security protocols exist for such configurations.
Strong Security is an optional feature available on the Eclipse Packet Node platform, available to service providers and private network operators who require additional protection of transmitted data beyond the inherent security of narrow-beam microwave links.
Strong Security offers a much higher degree of microwave communications security and is integrated and embedded into the radio platform—not an add-on box such as some competing solutions.
Eclipse Packet Node platform delivers Strong Security using standardized security protocols based on FIPS 140-2 and 197. Through these two standards, management and payload transmissions are encrypted over an Eclipse microwave radio link. Eclipse microwave radio security will deliver operators enhanced peace of mind that both the management and payload data packets are secure across any microwave link.
Eclipse FIPS 140-2 Validation In Process
Eclipse FIPS 140-2 (Level 2) testing is currently in process at the Cryptographic Security and Testing Laboratory (CST). This is an important step for final FIPS 140-2 validation. Completed FIPS 140 Level 2 testing will validate that the Eclipse management encryption algorithms are fully compliant to standardized security protocols based on FIPS 140-2.
Validation status may be confirmed at: http://csrc.nist.gov/groups/STM/cmvp/inprocess.html.
Eclipse FIPS 197 Validated
The Eclipse Packet Node platform is FIPS 197 Validated for payload encryption using 128/256-bit AES encryption. Eclipse Payload encryption of communications and OAM traffic is compliant to the Advanced Encryption Standard, a FIPS-approved cryptographic algorithm that can be used to protect electronic data. In addition, Payload encryption provides another layer of security to management commands so they cannot be eavesdropped on and potentially subjected to “replay” attacks.
Validation listed at: http://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html (search for Aviat Networks, # 2259, 10/23/2012)
Integrated RADIUS Capability
For an additional level of protection, Strong Security integrates RADIUS capability into your existing IT infrastructure. Integrated RADIUS client capability and centralized AAA domain server capability are supported for remote authentication, authorization and accounting for an extra level of security for your wireless network.
Eclipse Packet Node Security is supported
- Support for Secure Management over unsecured networks through use of secure protocols (e.g., SNMP v3, SSL, TLS v1.2) based on FIPS 140-2 validated algorithms. NIST validation in-process status may be confirmed here.
- FIP-197 Certified (NIST validated) 128-bit or 256-bit AES encryption for Payload Encryption (e.g. AES-128, AES-256, 3DES, DES) of communications and OAM traffic. Confirmation is available on the following NIST web pages:
- Algorithm Validation, and on the
- Advanced Encryption Standard Algorithm Validation List (search for Aviat Networks, #2260, 10/23/2012)
- RADIUS capability and centralized AAA domain server support for User Authentication to track all authorized and unauthorized user activity and points of entry
- Four categories of access privileges to create any type of highly customized user profiles that are most appropriate for your network
- Capability to disable all unsecured physical ports for each radio link to prevent unauthorized connections and system break-ins
- Extensive track record with US Federal agencies, departments and authorities
- NTIA (SPS/IRAC) Certifications
- DoD JF-12 certification
Strong Security on Eclipse Packet Node
Even though microwave communications have some built-in security-like features such as scrambling, narrow beamwidth, proprietary airframe, coding and other factors, it is not very hard for them to be broken by those with the proper expertise. Some vendors even openly offer commercial microwave interception systems for “legitimate” monitoring. This and the growing sophistication and willingness of those attempting to break into wireless networks makes a high level of security for microwave more important than ever...