|
Silver Peak products are built on a Secure Content Architecture™ that enables enterprises to deploy WAN acceleration with complete confidence. The Silver Peak solution incorporates the latest in encryption technology to protect data at all times – at rest and in transit across the WAN. In addition, Silver Peak makes it easy to configure, enforce, and monitor security policies from a central location through the Silver Peak Global Management System (GMS), and employs mechanisms to ensure that security does not come at the expense of network performance or scalability. The result is end-to-end secure WAN acceleration.
Data and System Plane Protection:
The Secure Content Architecture employs various techniques to ensure that data remains secure, regardless of where it is in the WAN acceleration process. This is achieved via the following capabilities:
- Disk encryption: Silver Peak employs 128 bit AES encryption to protect all data stored on Silver Peak appliances. This is the only fail-safe way to ensure the privacy of information in the event that an entire device (or individual hard drive) is stolen, compromised, or changes hands.
- Secure Transmission (IPsec): Silver Peak supports 128 bit IPsec (using AES for encryption) to ensure that data as secure as it is transferred over the WAN.
- Secure Socket Layer (SSL) Acceleration: Silver Peak optimizes SSL traffic using a variety of techniques, including Quality of Service (QoS) to prioritize this traffic, TCP acceleration to overcome latency, and Network Integrity to minimize the impact of dropped/out of order packets. In addition, Silver Peak has the ability to terminate (and re-establish) SSL sessions so that Network Memory compression and deduplication techniques can be performed on SSL encrypted traffic.
Control and Management Plane Protection:
Silver Peak’s Secure Content Architecture delivers a variety of features that control the manner in which traffic traverses the WAN. These include:
- Centralized control: Silver Peak’s Global Management System (GMS) enables advanced authentication policies to be centrally configured and enforced. This includes “peer authentication”, whereby only valid Silver Peak appliances are allowed on the network, and connectivity can only be established between trusted Silver Peak devices. These features protect an enterprise from session hijacking or man-in-the-middle (MiM) types of attacks that can compromise WAN acceleration solutions.
- Advanced Application-based policy management: Silver Peak’s appliances make intelligent policy decisions in real-time to improve the security and performance of WAN traffic. They can determine which WAN acceleration techniques should be applied to individual flows of traffic to optimize performance, and choose to prioritize traffic based upon pre-established security policies. Silver Peak appliances employ stateful deep packet inspection to make intelligent acceleration decisions when handling applications that use ephemeral (i.e. temporary) ports, such as Voice over IP (VoIP), FTP, MAPI, and RPC.
- Secure Access: Access to all Silver Peak devices is tightly controlled using TACACS+ and RADIUS. This ensures complete AAA protection, including user tracking and auditing per-command authorization, and group based authentication privileges. Enterprises can use existing databases to facilitate administration and avoid potential security holes
The Silver Peak solution was designed from the ground up with secure acceleration in mind. By leveraging a variety of hardware and software components, Silver Peak provides the highest level of data protection today, while ensuring seamless support of future security technologies tomorrow.
Security. Scalability. Performance. Ease of Use. With Silver Peak’s WAN acceleration appliances, you can have it all.
|
