Home >> May 2009 Edition >> PROCUREMENT POTENTIAL
Cisco Integrated FIPS Solution Over Satellite
by Jon Douglas, Director of Marketing, Spacenet

Satellite networks have long been a key technology used by federal, state, and local government agencies to provide a variety of communications solutions. The satellite’s unique ability to provide simultaneous, multicast data to thousands of sites over a huge geographic footprint, independent of terrestrial networks, provides a variety of flexible solutions for government agencies. Satellite is an ideal technology to support primary networks in mission-critical applications and offers transportable solutions for rapid deployment and disaster recovery as well as a continuity of operations (COOP) solution.

Satellites posses a high level of adaptability for a variety of situations — government organizations deploying satellite networks must account for a variety of requirements and options to ensure their communications network infrastructure is fully capable of supporting an agency’s mission-critical applications. Some of these considerations include coverage, cost, bandwidth efficiency, mobility, ease of integration, reliability, and, of course, security. The challenge is to find the correct balance of all the requirements, ultimately providing a network infrastructure that enables an organization to successfully fulfill its mission without going over budget or requiring too many resources.

For example, front line military users might have a higher requirement for physical security, mobility, and higher encryption needs for highly classified data. Civilian agencies might have a high requirement for security, but this must be tempered with the practical need to balance against cost, reliability, and the supportability. State and local agencies may require mobility, but must be willing to sacrifice some network security. The one element agencies have in common is a push to use “off the shelf” solutions whenever possible. Government security standardization, particularly the FIPS 140-2 standard, has enabled government communication providers to ensure security validation for their sensitive but unclassified data, while providing greater standardization and economics.

FIPS is published by the National Institute of Standards and Technology (NIST) and defines the security requirements that must be satisfied by a cryptographic module used in a security system protecting unclassified information within IT systems. The FIPS 140-2 standard is an information technology security accreditation program produced by private sector vendors who seek to have their products certified for use in government departments and regulated industries that collect, store, transfer, share and disseminate “sensitive, but unclassified (SBU)” information. By law, U.S. government purchasing agents must purchase the product that is certified for FIPS 140-2 (or FIPS 140-1), over one that is not so certified. FIPS 140-2 is also required in Canada and is also recognized in Europe and Australia.

FIPS compliance has become an integral part of network communications, including common carrier and satellite technologies. Today, new solutions, including the Spacenet and Cisco FIPS 140-2 certified encryption solution over satellite, provide new options to government organizations that need to meet strict security options and meet their full range of network requirements in a format they can support. By integrating this solution with the Cisco platform, the Spacenet solution delivers ease of implementation, uses existing infrastructure, and simplifies the ongoing management of the platform. For customers, this means less initial training required and fewer platforms for the IT group to support.

The Spacenet and Cisco FIPS certified encryption solution over satellite provides government agencies expanded satellite communications options, including services for CONUS based Department of Defense agencies and backhaul services between EMEA and the U.S. The solution supports mission-critical disaster recovery, backup networks, and other on-demand applications that are integrated directly into existing infrastructure. The Cisco VSAT Network Module helps enable easy deployment of satellite networks integrated directly with an organization’s existing Cisco router equipment and enables overall simplified network management. Competitive solutions use multiple devices, which increases the complexity of the system and adds components that may fail. Satellite services combined with the Cisco VSAT Network Module reduce complexity and eliminates the problem of multiple points of failure by using the Cisco router.
“The combination of Spacenet’s fully managed service, with industry-leading SLA’s and Cisco’s integrated FIPS 140-2 certified module delivers a whole new level of flexibility to government agencies as well as the ability to use their existing Cisco platform and investment,” said Spacenet Vice President of Government Services Mike Mazza. “This ability to take advantage of existing infrastructure should also reduce the training required by agencies to deploy the service or to maintain it.”

Spacenet’s integrated VSAT Cisco solution supports FIPS 140-2 and also supports acceleration of the encrypted traffic without the need to install additional devices at the remote location. The solution uses the Spacenet and Cisco codeveloped Integrated Acceleration and Encryption (ITAE) technology to provide end-to-end accelerated FIPS 140-2 certified encryption over satellite. The ITAE feature provides an integrated single box solution at the remote office that combines encryption and acceleration. It enables optimized support for site-to-site VPN and secure voice over satellite while providing efficient utilization of the satellite link, increased throughput, reduced latency and increased cost efficiencies. The ITAE solution enables organizations to deliver applications securely without the need to sacrifice user experience or to modify the method of application delivery.

FIPS Security
Government agencies rely on their networks to transport mission critical application data to and from multiple locations. FIPS certification over satellite insures network security to protect sensitive information through data, voice, and video transmissions. The Spacenet and Cisco FIPS solution expands the satellite options available for government organizations to support mission-critical applications including emergency response and continuity of operations, and provides assurance that it meets strict government security and testing requirements.

In addition, the Spacenet and Cisco FIPS certified encryption offering provides a more cost effective solution for meeting the security requirements of government agencies that don’t require the higher levels of more extensive security options. At the same time, it provides the flexibility of leveraging existing Cisco infrastructure, providing a better solution that meets an organization’s network size, cost and throughput requirements.

About the author
Jon Douglas is Director of Marketing for Spacenet and brings more than 18 years of marketing communications expertise in the telecommunications and IT sectors. Email: jon.douglas@spacenet.com.