Published: June 8th, 2017
One of CENGN’s major objectives is providing small and medium enterprises (SMEs) with the resources they need to overcome barriers and successfully push their innovative products to the next generation network (NGN) market. Part of how we do this is through enabling SMEs to validate their innovative solutions on our secure CENGN Infrastructure. By demonstrating the validity and scalability of their solution in a CENGN testbed, the SME gains evidence of their product’s usability in the field. From there, SMEs can leverage CENGN’s media exposure as well as the Centre of Excellence’s partner and member companies to build leads with potential clients and start commercializing.
CENGN accepts SMEs within a broad range of NGN project areas, including cyber security. As the ICT sector continues to grow and our community and organizations become more virtualized, specifically with the advent of 5G, it is crucial to improve on the security of networks in both the private and public sector. InfoSec Global (ISG) is embarking on a CENGN project to demonstrate their powerful and dynamic Crypto-Agile Virtual Private Network (VPN) solution, called AgileSec VPN.
The AgileSec VPN Solution
In today’s cyber environment, network security is designed to protect both the industry and the public sector. Without having a secure network, organizations are at a high risk of having information leaked or stolen. Infosec helps organizations by providing them with dynamic encryption security that prevents hacking. This is accomplished by using secure tunnels and a special cryptography architecture that allows for encryption algorithms to be adjusted on the fly and customized for the entire network or network segment. AgileSec VPN is a crypto-agile virtual private network which protects organizations’ information, as well as their long-term investment in this equipment and technology. Recently, ISG has virtualized their VPN solution to meet the dynamic requirements of next generation carriers, 5G networks, and multi-site requirements.
How Virtualized AgileSec VPN Works
AgileSec VPN protects remote data connections and company information using cryptography, and can be deployed in a cloud platform. It also allows users with strict and advanced security requirements to re-configure the cryptography that is used to create secure tunnels to carry the information from site to site.
For example, let’s say there is a large organization with sites in Tokyo, Toronto, and Miami. Each site will be constantly sending information through their network, and potentially open itself up to hackers looking to steal sensitive data. AgileSec VPN has the capability to create secure tunnels between each site and change crypto-algorithms in real-time for the entire network and each individual tunnel. So, if Toronto to Tokyo had a compromised algorithm, this could be immediately changed while leaving the rest of the network as it is.
AgileSec VPN will also address network security requirements for Internet of Things (IoT) deployments such as encrypting video streams from remote security cameras. With Canada on the cusp of 5G, dynamic security for IoT applications will be crucial for the new technologies coming with Smart Cities and Smart Infrastructure.
Where does CENGN come in?
To test the scalability of ISG’s AgileSec VPN solution, ISG needs access to a cloud platform where they can perform a long-running test with many active nodes. Originally, ISG considered working with a commercial cloud platform, but commercial alternatives have large costs related to compute time, memory, disk space, cores and bandwidth. With access to the CENGN cloud platform, ISG can run their testbed with multiple nodes and get the most useful results from the test environment. Issues such as memory-leaks, efficiency of synchronization algorithms, and performance tuning can be investigated using the CENGN test infrastructure, while at the same time hosting many active nodes running for a lengthy period of time.
With a CENGN space, ISG will effectively test their Crypto-Agile VPN solution by emulating a multi-site network security system scaled to the level of a large multi-national. Beyond this, ISG wil have CENGN’s technical expertise at their disposal, giving the company all the tools they need to test and verify their solution’s capabilities and measure the true potential of the AgileSec VPN solution.
With the CENGN provided cloud tenant, ISG will be able to test their crypto-agile AgileSec VPN solution as if it were transporting data between office locations and using unique algorithms from site to site. Upon the proof-of-concept’s successful completion, ISG will have demonstrated that their VPN is scalable, enterprise-ready and cryptographically agile.
Figure 1: ISG Project Network Diagram
As shown above, the ISG Project Network is comprised of various virtual VPN sites that are controlled by the AgileSec management station. To validate the solution, ISG will ensure a secure communication between two hosts by managing the whole process and “pushing” new crypto algorithms to each node in real-time.
Rolling up our Sleeves
CENGN is ready and excited to get started with ISG’s project, showcasing the full potential of the crypto-agile AgileSec VPN solution. Here at CENGN, we’re very eager to see ISG introduce their solution to the broad market and bring a more secure and diverse method of cryptography that can be implemented on a large scale. We are thrilled to collaborate with ISG and are looking forward to the results of the project!
Keep an eye out for a success story coming soon! While you’re waiting, take a look at some past projects we’ve completed.