3 Ways to Extend Cybersecurity Infrastructure to the Edge – Interconnections



As enterprises and agencies seek to extend their security boundaries while managing ever-larger workloads, and globally distributed digital infrastructure continues to grow as the collective meeting place for digital services at the edge, an added level of private, secure transport will become table stakes.

Unlocking the power of WAN MACsec with Equinix Fabric

Equinix Fabric™ gives customers on-demand access to a global SDN-enabled MPLS network, allowing them to create Ethernet Virtual Private Line (EVPL) connections across its 100G shared global backbone in an on-demand fashion. A true Network as a Service offering, Equinix Fabric provides private Layer 2 Ethernet-based transport across nearly 60 metros worldwide, with more being added regularly. Equinix Fabric offers a global private interconnection platform for secure transport and access to clouds, networks, and mission partners, making it an inherently secure alternative to the public internet.

If private, Ethernet-based EVPL transport is not enough to ensure transport security, customers can also encrypt traffic between endpoints using their encryption technology of choice, such as IPsec, TLS, CSfC, Type 1 and MACsec.

MACsec encryption, though highly desired in private, Layer 2 environments, has traditionally been limited to enclosed networks or the first/last mile of encryption between a customer’s on-premises environment and a corresponding colocation facility. This meant it was unable to support true multi-domain transport on a global scale. Now, the advent of WAN MACsec is changing that paradigm. More specifics on the differentiation and rationale between traditional and WAN MACsec encryption can be found in the white paper “Innovations in Ethernet Encryption for Securing High Speed WAN Deployments.”[1]

The promise of WAN MACsec is truly game changing: it keeps wire-speed, Layer 2 encryption intact in an Ethernet-based multi-domain transport environment. Rather than being limited only to local, last-mile connections, organizations can now deploy WAN MACsec across the globe on Platform Equinix®, which is integral to extending their cybersecurity perimeter to the digital edge with confidence.

As adversaries continue to increase their level of sophistication, an AI/ML-enabled zero-trust framework coupled with WAN MACsec encryption can help federal agencies extend their reach and securely transport sensitive information wherever their mission takes them. To learn more about how Equinix can help federal agencies operate at the digital edge securely and effectively, schedule a Digital Edge Strategy Briefing today.



[1] Cisco, “Innovations in Ethernet Encryption (802.1AE – MACsec) for Securing High Speed (1-100GE) WAN Deployments”. Authors: Craig Hill, Stephen Orr. 2016.


Source link