Brocade’s new encryption functionality for routers tackles data privacy challenges

Brocade has announced native port-based encryption functionality for modular routers. This offering delivers encryption embedded in-line with the I/O ports, enabling customers to avoid the performance loss, operational complexity, and prohibitive cost associated with services blades or external appliances used for encryption.

The new capability better enables comprehensive privacy for all data across campus, data centre, and wide area networks belonging to enterprises, service providers, and the public sector.

To protect data-in-flight between data centres, branch offices, and campus buildings, Brocade added the “highest” level of encryption, IPsec Suite B algorithms with support for AES 256-bit keys, to the family of Brocade MLXe routers via a purpose-built line module and operating system enhancements.

The updates eliminate the need for expensive specialised switch/router encryption services blades or third-party security appliances, while also eradicating performance-inhibiting latency and complex operations that are inherent with these types of add-on devices.

The new security functionality added to the Brocade MLXe routers includes both 256-bit IPsec encryption and 128-bit MACsec encryption, the gold-standard protocols used by organisations to help ensure end-to-end data protection. Both of these security protocols can be enabled at wire speed for up to 44 Gbps (IPsec) or 200 Gbps (MACsec) throughput per module, meeting the highest levels of network performance requirements.

“With data breaches making headlines around the world, securing confidential information is top of mind for every organisation. As customers tackle the data privacy challenge, they need security everywhere in their infrastructure, but especially for data-in-flight over the WAN. Historically, performance and cost have been key barriers to broad adoption of network encryption technology,” said Jason Nolet, senior vice president Switching, Routing, and Analytics Products, at Brocade. “By utilising innovative, I/O-based encryption in Brocade MLXe routers, organisations can now deploy up to 44 Gbps of wire-speed IPsec encryption per trunk and over 1 Tbps per router, achieving five times the performance at a third of the cost—and without the operational complexity—of comparable solutions.”

By bringing wire-speed encryption into the router, customers can enable pervasive data privacy across their New IP initiatives while offloading their appliances, improving performance, and increasing their overall IT security profile.

The new IPsec and MACsec functionality for the Brocade MLXe routers is interoperable with third-party IPsec Suite B-capable platforms, and it complements MACsec functionality available in the Brocade ICX family of switches. IPsec interoperability with the Brocade Vyatta vRouter is targeted for a future release, enabling customers to deploy native network encryption for privacy of all their data across hybrid cloud deployments.