Introducing ConnectGuard™ Cloud
May 2018
Secure cloud connectivity for multi-cloud environments
© 2018 ADVA Optical Networking. All rights reserved.
Overview of ConnectGuard Cloud
• ConnectGuard Cloud technology is part of the ConnectGuard family
• First in the industry to deliver virtualized end-to-end encryption in multi-cloud environments
• Breakthrough for service providers and enterprises that want to move away from IPSec and appliance-based solutions that are costly and inflexible
• Military-grade encryption can be deployed on any COTS server or in a public cloud infrastructure
• Encryption at Layer 2, 3 or 4 as needed – match the encryption to the application
• Automated key management for operational simplicity – no need for an externally managed IKE or PKI system
• Based on the award-winning Ensemble Connector – with zero touch provisioning capabilities, customers can roll out secure cloud connectivity to thousands of endpoints within minutes
Agenda
• Drivers for new encryption solutions
• ConnectGuard™ Cloud in the ADVA portfolio
• Benefits of ConnectGuard™ Cloud
• Summary and additional resources
Drivers for new encryption solutions
When your destination is the cloud …
You’ll need a secure path to get there
Industry observations on security
Security threats to enterprises are real and growing
• Threats include loss of data, compromised secrets, civil suits
• Statutory and regulatory requirements (e.g., GDPR) are raising the importance of compliance and the cost of non-compliance
Appliance-based security solutions are costly, inflexible, logistically difficult and not cloud-friendly
• Any security solution must address hybrid cloud and multi-cloud applications
New virtualized solutions provide a ground-breaking approach to address today's threats and limitations
• They also open the door for complementary applications
Encryption challenges
• Latency – the application should determine at which layer to encrypt
• Transparency – support encryption over any kind of access or transport network
• Applicability – apply encryption at customer premises, data center or public cloud
• Cost – cost per encrypted bit and initial cost are important
• Compatibility – support services at the layer where they perform best
• Efficiency – encryption has an impact on resource and network utilization
Virtual encryption delivers high-performance, flexible secure cloud connectivity
Secure cloud connectivity use case
Drivers for software endpoints
• Cloud-native implementation for multiple public cloud environments where the endpoints must reside on cloud infrastructure rather than dedicated hardware appliances
• SaaS applications in the cloud, where latency can create performance impacts
• Regulatory requirements such as GDPR
• Business or government networks where high-quality encryption is required
Dynamic encrypted networking
• Flexible encrypted mesh for policy-based secure VPNs
• Application-aware encryption at L2/L3/L4
• Supports point-to-point and hub-and-spoke topologies
• Eliminates dependence on application-level encryption
Security with uCPE upgrades
• Upgrade with other security applications or enterprise apps
Effective cost points
• TCO analysis demonstrates software trumps appliances
• Turnkey option for enterprise deployments
Secure cloud connectivity: any-to-any
Diagram: public cloud #1, public cloud #2, private cloud, HQ, on-net branch, hybrid branch and off-net branch connected over the public internet, IP-VPN (MPLS), CE L2VPN and SD-WAN hybrid WAN. Color key: encryption only / encryption + L2 tunnel.
ConnectGuard™ Cloud in the ADVA portfolio
Secure connectivity across all networks
• Cloud: cloud connectivity – secure cloud connectivity – endpoints: >1K to 100K
• Ethernet: virtual connectivity – secure VPN connectivity – endpoints: 100 to 1000
• Optical: physical connectivity – secure data center connectivity – endpoints: 10 to 100
Diagram: three tiers as listed above; "Certified solution" is marked on two of the three tiers.
ADVA ConnectGuard™ security suite
Technology – product(s) – application:
• ConnectGuard™ Management – FSP NM Crypto Manager – encryption domain management
• ConnectGuard™ Optical – FSP 3000 – secure data center connectivity
• ConnectGuard™ Ethernet – FSP 150 – secure VPN connectivity
• ConnectGuard™ Cloud – Connector Encryption, Ensemble Director – secure cloud connectivity
ConnectGuard™ Cloud benefits
Implemented in Ensemble Connector Encryption and Director
Cloud-native software encryption can be hosted on uCPE or in the cloud
• End-to-end encryption in multi-cloud environments – prevents man-in-the-middle attack vectors
• Flexible, policy-based and application-aware secure networking – point-to-point or mesh
• Encryption at Layer 2, 3 or 4 as needed – match the encryption to the application
• Based on FIPS-compliant technology from Senetas
Compute and bandwidth efficiency
• Greatly improved throughput, overhead and latency versus IPSec – 8-24 bytes overhead versus 76
• Minimizes cost of hosting server – no need for hardware appliances
Encrypted connections can be shared by multiple applications
• No need to rely on SD-WAN or firewall encryption
• Encryption functionality is separated from VNFs for layered security
• Eliminates need for piecemeal application security
Automated key management for operational simplicity
• No need for an externally managed IKE or PKI system
Why use Ensemble Connector?
Connector provides cloud-native computing (Linux/KVM/OpenStack), plus:
1. Accelerated vSwitch
2. Carrier Ethernet 2.0
3. Networking incl. LTE
4. Zero touch commissioning (ZTC)
5. Embedded cloud (OpenStack)
6. Integrated OS with open interfaces
7. Device scalability
8. Telco management
9. High availability
10. Platform security
11. Encryption engine
12. Local router
Diagram: the Ensemble Connector stack (server: Intel Xeon® and Intel Atom®; Linux: CentOS; hypervisor: KVM/QEMU; virtual switch: Connector; VNF/VM instances on top) shown next to a standard cloud environment (same server, Linux and hypervisor; virtual switch: OVS and DPDK; VNF/VM instances), with the numbered capabilities above annotated onto the Connector stack.
Benefits of ConnectGuard™ Cloud
Provided by Ensemble Connector Encryption
Integrated key derivation function (KDF)
• Integrated KDF for managing key lifecycle
• Secure centralized key management that delivers keys from a FIPS-certified appliance
• Automatic key updates managed with timestamps
• Manages keys at Layer 2, 3 and 4
• FIPS-compliant technology for multi-layer encryption
• Random number generator with equivalent entropy to hardware platforms
• Scales to thousands of endpoints
• No master/slave requirement
• Zero touch provisioning
Flexible encryption options
• AES-256 CTR/GCM mode
  • Confidentiality only, OR
  • Confidentiality + authentication
• Multi-layer simultaneous encryption policies
  • Layer 2: Ethernet (MAC or VLAN)
  • Layer 3: IPv4/v6 subnets
  • Layer 4: IP + port
• NAT passthrough
• NetFlow/J-Flow support
• Policy-based routing
Low overhead per packet. Best case is one third of the overhead per packet compared to military-grade IPSec.
Overhead:
• 8 bytes for encryption header (sender ID, key bank, frame counter)
• 4 bytes additional header for TCP (Layer 4 encryption only)
• 16 bytes additional authentication data (optional)
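The slide above offers AES-256 in CTR mode (confidentiality only) or GCM mode (confidentiality plus authentication), and lists the 16-byte authentication field as optional overhead. The following Go program is an added example, not ADVA or Senetas code, written to show what that option buys: it encrypts a constructed packet payload under a constructed key both ways, flips one bit of the ciphertext in transit, and reports that CTR decrypts the corrupted packet without complaint (the receiver gets wrong data and no error) while GCM rejects it. It also passes a constructed 8-byte header as GCM additional authenticated data, so a modified header is caught as well, and reads the tag size back as the 16 bytes the slide quotes. The key, the header layout and the payload are all assumptions made for the demo; the product's real key source is its KDF or KMIP server.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

var demoKey = bytes.Repeat([]byte{0x42}, 32) // constructed AES-256 demo key; real keys come from the KDF or KMIP server
// Constructed stand-in for the 8-byte encryption header (sender ID, key bank, frame counter); layout assumed.
var demoHeader = []byte{0x00, 0x01, 0x00, 0x02, 0x00, 0x00, 0x00, 0x07}
const gcmNonceSize = 12 // nonce length used by cipher.NewGCM

// ctrXOR is AES-256-CTR (confidentiality only): encrypt and decrypt are the same operation
// and nothing checks integrity, so a flipped ciphertext byte silently becomes a flipped plaintext byte.
func ctrXOR(key, iv, data []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(data))
	cipher.NewCTR(block, iv).XORKeyStream(out, data)
	return out, nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// gcmSeal is AES-256-GCM (confidentiality + authentication): output is nonce || ciphertext || 16-byte tag.
// The header rides in the clear as additional authenticated data: readable before decryption, covered by the tag.
func gcmSeal(key, header, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, header), nil
}

// gcmOpen returns an error if the message is truncated or if ciphertext, tag or header were altered.
func gcmOpen(key, header, msg []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(msg) < gcm.NonceSize()+gcm.Overhead() {
		return nil, fmt.Errorf("message too short: %d bytes", len(msg))
	}
	return gcm.Open(nil, msg[:gcm.NonceSize()], msg[gcm.NonceSize():], header)
}

type TamperResult struct {
	CTRDetected, CTRPayloadIntact  bool // CTR: no error raised, payload silently wrong
	GCMDetected, GCMHeaderDetected bool // GCM: flipped ciphertext or header fails the tag
	AuthOverhead                   int  // bytes the GCM tag adds per packet
}

// flipByte returns a copy of b with one bit of byte i inverted (simulated line corruption).
func flipByte(b []byte, i int) []byte {
	c := append([]byte(nil), b...)
	c[i] ^= 0x01
	return c
}

// TamperCheck encrypts payload both ways, corrupts the wire image and reports which mode noticed.
func TamperCheck(payload []byte) (TamperResult, error) {
	var r TamperResult
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return r, err
	}
	ct, err := ctrXOR(demoKey, iv, payload)
	if err != nil {
		return r, err
	}
	got, err := ctrXOR(demoKey, iv, flipByte(ct, 0))
	r.CTRDetected = err != nil
	r.CTRPayloadIntact = bytes.Equal(got, payload)
	gcmMsg, err := gcmSeal(demoKey, demoHeader, payload)
	if err != nil {
		return r, err
	}
	_, err = gcmOpen(demoKey, demoHeader, flipByte(gcmMsg, gcmNonceSize)) // first ciphertext byte
	r.GCMDetected = err != nil
	_, err = gcmOpen(demoKey, flipByte(demoHeader, 7), gcmMsg) // header changed, packet untouched
	r.GCMHeaderDetected = err != nil
	r.AuthOverhead = len(gcmMsg) - gcmNonceSize - len(payload)
	return r, nil
}
```

Calling TamperCheck on any non-empty payload yields CTRDetected false with CTRPayloadIntact false, GCMDetected and GCMHeaderDetected true, and AuthOverhead 16. The practical reading for a deployment choosing between the two slide options: "confidentiality only" leaves corruption or manipulation of encrypted frames invisible to the receiver, while the 16 bytes per packet of the authenticated option turn it into a decryption failure that can be counted and alerted on.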
Centralized key distribution with KDF
Optional alternative to integrated KDF
• Single centralized platform for managing key lifecycle
• FIPS-certified server* distributes keys to all endpoints
• Key server is tiered and redundant for resiliency
• Uses industry standard key management protocol (KMIP)
• Control plane isolation
• Scales to hundreds of thousands of endpoints
• Policy driven by:
  • Single key management system for all data
  • Key management required on specific site
  • FIPS requirements
*SafeNet KeySecure or Senetas hardware encryptor as server
Why not use IPSec?
IPSec significantly impacts transmission performance
Actual measurements from live test of 1 Gbit/s traffic over the internet, comparing plain internet, IPSec over internet and Connector Encryption:
• Throughput: 56% – 86%* and 56% – 95%* for the plain-internet and Connector Encryption cases; 16% – 20%* for IPSec over internet
• Latency: 37 – 79* ms in all three cases
*Depending on frame size 64-1M bytes
Summary and additional resources
Summary
Enterprises are moving workloads into the cloud, including consumption of IaaS, PaaS, and SaaS services, in both multi-cloud and hybrid cloud models
Achieving multi-cloud benefits requires efficient, secure and transparent connectivity
Need a software solution that is compatible with uCPE and cloud deployments
• Encrypt all the way into the cloud
• Using low-cost uCPE servers at the customer site
• Efficient and low-overhead encryption
Benefits:
• Transport of Layer 2 traffic over Layer 2 or Layer 3 access
• Software solution that is compatible with existing encryption deployments
• Ability to encrypt at Layers 2, 3 or 4 depending on requirements of the application
• Efficient encryption minimizes required processing and network overhead
• Modular, cloud-native architecture – supports uCPE and public cloud, provides choice
• Sophisticated key management
• Turnkey solutions available
Additional resources
• Securing zero touch for uCPE deployments
• Using the Cloud to Secure the Cloud
• Security is a many-layered thing*
• Meet Anna and the future of virtualized encryption in the cloud
Thank you
IMPORTANT NOTICE
The content of this presentation is strictly confidential. ADVA Optical Networking is the exclusive owner or licensee of the content, material, and information in this presentation. Any reproduction, publication or reprint, in whole or in part, is strictly prohibited.
The information in this presentation may not be accurate, complete or up to date, and is provided without warranties or representations of any kind, either express or implied. ADVA Optical Networking shall not be responsible for and disclaims any liability for any loss or damages, including without limitation, direct, indirect, incidental, consequential and special damages, alleged to have been caused by or in connection with using and/or relying on the information contained in this presentation.
Copyright © for the entire content of this presentation: ADVA Optical Networking.

Contenu connexe

Tendances

Tendances (20)

OSA 5440 for scalable and fully redunandant multi-technology synchronization
OSA 5440 for scalable and fully redunandant multi-technology synchronizationOSA 5440 for scalable and fully redunandant multi-technology synchronization
OSA 5440 for scalable and fully redunandant multi-technology synchronization
 
Meet the industry's first pluggable module for precise synchronization
Meet the industry's first pluggable module for precise synchronizationMeet the industry's first pluggable module for precise synchronization
Meet the industry's first pluggable module for precise synchronization
 
ADVA’s telecommunications solutions for smart grids
ADVA’s telecommunications solutions for smart grids ADVA’s telecommunications solutions for smart grids
ADVA’s telecommunications solutions for smart grids
 
SatAware assures satellite-based timing
 SatAware assures satellite-based timing SatAware assures satellite-based timing
SatAware assures satellite-based timing
 
OSA 5405-MB – precise edge timing for 5G and smart cities
OSA 5405-MB – precise edge timing for 5G and smart citiesOSA 5405-MB – precise edge timing for 5G and smart cities
OSA 5405-MB – precise edge timing for 5G and smart cities
 
ADVA Disaggregated NOS
ADVA Disaggregated NOSADVA Disaggregated NOS
ADVA Disaggregated NOS
 
ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...
 
Recent growth in timing
Recent growth in timingRecent growth in timing
Recent growth in timing
 
Introducing the most compact sync solution for energy and broadcast networks
Introducing the most compact sync solution for energy and broadcast networksIntroducing the most compact sync solution for energy and broadcast networks
Introducing the most compact sync solution for energy and broadcast networks
 
Introducing spectrum as a service
Introducing spectrum as a serviceIntroducing spectrum as a service
Introducing spectrum as a service
 
Putting the M in MANO: Major new Ensemble release delivers NFV management and...
Putting the M in MANO: Major new Ensemble release delivers NFV management and...Putting the M in MANO: Major new Ensemble release delivers NFV management and...
Putting the M in MANO: Major new Ensemble release delivers NFV management and...
 
Back to the future with simple wholesale services now
Back to the future with simple wholesale services nowBack to the future with simple wholesale services now
Back to the future with simple wholesale services now
 
Security and services drive data north
Security and services drive data northSecurity and services drive data north
Security and services drive data north
 
Transforming network operations with Ensemble Controller
Transforming network operations with Ensemble ControllerTransforming network operations with Ensemble Controller
Transforming network operations with Ensemble Controller
 
New FSP 3000 TeraFlex™ capabilities dramatically boost network capacity
New FSP 3000 TeraFlex™ capabilities dramatically boost network capacityNew FSP 3000 TeraFlex™ capabilities dramatically boost network capacity
New FSP 3000 TeraFlex™ capabilities dramatically boost network capacity
 
Synchronizing 5G networks
Synchronizing 5G networksSynchronizing 5G networks
Synchronizing 5G networks
 
5G is more than a new radio - network slicing
5G is more than a new radio - network slicing5G is more than a new radio - network slicing
5G is more than a new radio - network slicing
 
Application-optimized 100G demarcation and aggregation
Application-optimized 100G demarcation and aggregationApplication-optimized 100G demarcation and aggregation
Application-optimized 100G demarcation and aggregation
 
BSI approval and what it means for network security
BSI approval and what it means for network securityBSI approval and what it means for network security
BSI approval and what it means for network security
 
GNSS Optimization for Urban Canyon and Indoor Synchronization
GNSS Optimization for Urban Canyon and Indoor SynchronizationGNSS Optimization for Urban Canyon and Indoor Synchronization
GNSS Optimization for Urban Canyon and Indoor Synchronization
 

Similaire à Introducing ConnectGuard™ Cloud

Advanced Networking: The Critical Path for HPC, Cloud, Machine Learning and more
Advanced Networking: The Critical Path for HPC, Cloud, Machine Learning and moreAdvanced Networking: The Critical Path for HPC, Cloud, Machine Learning and more
Advanced Networking: The Critical Path for HPC, Cloud, Machine Learning and more
inside-BigData.com
 
Banv meetup-contrail
Banv meetup-contrailBanv meetup-contrail
Banv meetup-contrail
nvirters
 

Similaire à Introducing ConnectGuard™ Cloud (20)

Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018   sd-wan - delivering intent-based networking to t...Cisco Connect Toronto 2018   sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
 
Secure Connectivity on Every Network Layer
Secure Connectivity on Every Network LayerSecure Connectivity on Every Network Layer
Secure Connectivity on Every Network Layer
 
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and CiscoWho Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
 
Cloud Services: Is the Transport Network a Utility or Differentiator
Cloud Services: Is the Transport Network a Utility or DifferentiatorCloud Services: Is the Transport Network a Utility or Differentiator
Cloud Services: Is the Transport Network a Utility or Differentiator
 
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
 
Implementing holistic security for containers and Kubernetes with Calico and ...
Implementing holistic security for containers and Kubernetes with Calico and ...Implementing holistic security for containers and Kubernetes with Calico and ...
Implementing holistic security for containers and Kubernetes with Calico and ...
 
Advanced Networking: The Critical Path for HPC, Cloud, Machine Learning and more
Advanced Networking: The Critical Path for HPC, Cloud, Machine Learning and moreAdvanced Networking: The Critical Path for HPC, Cloud, Machine Learning and more
Advanced Networking: The Critical Path for HPC, Cloud, Machine Learning and more
 
SP 5G: Unified Enablement Platform
SP 5G: Unified Enablement Platform  SP 5G: Unified Enablement Platform
SP 5G: Unified Enablement Platform
 
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
 
Bulding a modern infrastructure & data center
Bulding a modern infrastructure & data centerBulding a modern infrastructure & data center
Bulding a modern infrastructure & data center
 
Automated Deployment and Management of Edge Clouds
Automated Deployment and Management of Edge CloudsAutomated Deployment and Management of Edge Clouds
Automated Deployment and Management of Edge Clouds
 
VMworld 2013: Network Function Virtualization in the Cloud: Case for Enterpri...
VMworld 2013: Network Function Virtualization in the Cloud: Case for Enterpri...VMworld 2013: Network Function Virtualization in the Cloud: Case for Enterpri...
VMworld 2013: Network Function Virtualization in the Cloud: Case for Enterpri...
 
TechWiseTV Workshop: Cisco SD-WAN
TechWiseTV Workshop: Cisco SD-WANTechWiseTV Workshop: Cisco SD-WAN
TechWiseTV Workshop: Cisco SD-WAN
 
Banv meetup-contrail
Banv meetup-contrailBanv meetup-contrail
Banv meetup-contrail
 
cn-series-se-presentation.pptx
cn-series-se-presentation.pptxcn-series-se-presentation.pptx
cn-series-se-presentation.pptx
 
Ip tunneling and vpns
Ip tunneling and vpnsIp tunneling and vpns
Ip tunneling and vpns
 
Pure-Play Virtualization for Rural Broadband
Pure-Play Virtualization for Rural BroadbandPure-Play Virtualization for Rural Broadband
Pure-Play Virtualization for Rural Broadband
 
Transforming Networks into a NFV-Centric Environment
Transforming Networks into a NFV-Centric EnvironmentTransforming Networks into a NFV-Centric Environment
Transforming Networks into a NFV-Centric Environment
 
Cisco Connect Ottawa 2018 multi cloud
Cisco Connect Ottawa 2018 multi cloudCisco Connect Ottawa 2018 multi cloud
Cisco Connect Ottawa 2018 multi cloud
 
IXIA VISIBILITY ARCHITECTURE Eliminating Blind spots
IXIA VISIBILITY ARCHITECTURE Eliminating Blind spotsIXIA VISIBILITY ARCHITECTURE Eliminating Blind spots
IXIA VISIBILITY ARCHITECTURE Eliminating Blind spots
 

Plus de ADVA

Plus de ADVA (20)

Industrial optically pumped cesium beam clock
Industrial optically pumped cesium beam clockIndustrial optically pumped cesium beam clock
Industrial optically pumped cesium beam clock
 
The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...
The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...
The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...
 
Industry's longest holdover with the OSA 3350 SePRC™ optical cesium clock
Industry's longest holdover with the OSA 3350  SePRC™ optical cesium clockIndustry's longest holdover with the OSA 3350  SePRC™ optical cesium clock
Industry's longest holdover with the OSA 3350 SePRC™ optical cesium clock
 
Addressing PNT threats in critical defense infrastructure
Addressing PNT threats in critical defense infrastructureAddressing PNT threats in critical defense infrastructure
Addressing PNT threats in critical defense infrastructure
 
Precise and assured timing for enterprise networks
Precise and assured timing for enterprise networksPrecise and assured timing for enterprise networks
Precise and assured timing for enterprise networks
 
Introducing Ensemble Cloudlet for on-premises cloud demand
Introducing Ensemble Cloudlet for on-premises cloud demandIntroducing Ensemble Cloudlet for on-premises cloud demand
Introducing Ensemble Cloudlet for on-premises cloud demand
 
ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)
ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)
ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)
 
Sync on TAP - Syncing infrastructure with software
Sync on TAP - Syncing infrastructure with softwareSync on TAP - Syncing infrastructure with software
Sync on TAP - Syncing infrastructure with software
 
Meet stringent latency demands with time-sensitive networking
Meet stringent latency demands with time-sensitive networkingMeet stringent latency demands with time-sensitive networking
Meet stringent latency demands with time-sensitive networking
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryption
 
Quantum threat: How to protect your optical network
Quantum threat: How to protect your optical networkQuantum threat: How to protect your optical network
Quantum threat: How to protect your optical network
 
Optical networks and the ecodesign tradeoff between climate change mitigation...
Optical networks and the ecodesign tradeoff between climate change mitigation...Optical networks and the ecodesign tradeoff between climate change mitigation...
Optical networks and the ecodesign tradeoff between climate change mitigation...
 
Trends in next-generation data center interconnects (DCI)
Trends in next-generation data center interconnects (DCI)Trends in next-generation data center interconnects (DCI)
Trends in next-generation data center interconnects (DCI)
 
Open optical edge connecting mobile access networks
Open optical edge connecting mobile access networksOpen optical edge connecting mobile access networks
Open optical edge connecting mobile access networks
 
Introducing Adva Network Security – a trusted German anchor
Introducing Adva Network Security – a trusted German anchorIntroducing Adva Network Security – a trusted German anchor
Introducing Adva Network Security – a trusted German anchor
 
Meet the industry's first pluggable 10G demarcation device
Meet the industry's first pluggable 10G demarcation deviceMeet the industry's first pluggable 10G demarcation device
Meet the industry's first pluggable 10G demarcation device
 
Introducing ADVA AccessWave25™
Introducing ADVA AccessWave25™Introducing ADVA AccessWave25™
Introducing ADVA AccessWave25™
 
10G edge technology for outdoor environments
10G edge technology for outdoor environments10G edge technology for outdoor environments
10G edge technology for outdoor environments
 
The quantum age - secure transport networks
The quantum age - secure transport networksThe quantum age - secure transport networks
The quantum age - secure transport networks
 
From leased lines to optical spectrum services
From leased lines to optical spectrum servicesFrom leased lines to optical spectrum services
From leased lines to optical spectrum services
 

Dernier

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Dernier (20)

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 

Introducing ConnectGuard™ Cloud

  • 1. Introducing ConnectGuardTM Cloud May 2018 Secure cloud connectivity for multi-cloud environments
  • 2. © 2018 ADVA Optical Networking. All rights reserved.22 Overview of ConnectGuard Cloud • ConnectGuard Cloud technology is part of ConnectGuard family • First in the industry to deliver virtualized end-to-end encryption in multi-cloud environments • Breakthrough for service providers and enterprises that want to move away from IPSec and appliance-based solutions that are costly and inflexible • Military-grade encryption can be deployed on any COTS server or in a public cloud infrastructure. • Encryption at Layer 2, 3 or 4 as needed – match the encryption to the application • Automated key management for operational simplicity – no need for an externally managed IKE or PKI system • Based on the award-winning Ensemble Connector – with zero touch provisioning capabilities, customers can roll out secure cloud connectivity to thousands of endpoints within minutes.
  • 3. © 2018 ADVA Optical Networking. All rights reserved.33 Agenda • Drivers for new encryption solutions • ConnectGuardTM Cloud in the ADVA portfolio • Benefits of ConnectGuardTM Cloud • Summary and additional resources
  • 4. © 2018 ADVA Optical Networking. All rights reserved.44 © 2018 ADVA Optical Networking. All rights reserved. Confidential.4 Drivers for new encryption solutions
5. When your destination is the cloud …
You’ll need a secure path to get there
6. Industry observations on security
Security threats to enterprises are real and growing
• Threats include loss of data, compromised secrets and civil suits
• Statutory and regulatory requirements (e.g., GDPR) are raising the importance of compliance and the cost of non-compliance
Appliance-based security solutions are costly, inflexible, logistically difficult and not cloud-friendly
• Any security solution must address hybrid cloud and multi-cloud applications
New virtualized solutions provide a ground-breaking approach to address today's threats and limitations
• They also open the door for complementary applications
7. Encryption challenges
• Latency: the application should determine at which layer to encrypt
• Transparency: support encryption over any kind of access or transport network
• Applicability: apply encryption at customer premises, in the data center or in the public cloud
• Cost: cost per encrypted bit and initial cost are both important
• Compatibility: support services at the layer where they perform best
• Efficiency: encryption has an impact on resource and network utilization
8. Virtual encryption delivers high-performance, flexible secure cloud connectivity
Secure cloud connectivity use case
Drivers for software endpoints
• Cloud-native implementation for multiple public cloud environments, where the endpoints must reside on cloud infrastructure rather than on dedicated hardware appliances
• SaaS applications in the cloud, where latency can create performance impacts
• Regulatory requirements such as GDPR
• Business or government networks where high-quality encryption is required
Dynamic encrypted networking
• Flexible encrypted mesh for policy-based secure VPNs
• Application-aware encryption at L2/L3/L4
• Supports point-to-point and hub-and-spoke topologies
• Eliminates dependence on application-level encryption
Security with uCPE upgrades
• Upgrade with other security applications or enterprise apps
Effective cost points
• TCO analysis demonstrates that software trumps appliances
• Turnkey option for enterprise deployments
9. Secure cloud connectivity: any-to-any
[Diagram: public cloud #1, public cloud #2, private cloud, HQ, on-net branch, hybrid branch and off-net branch, interconnected over the public internet, IP-VPN (MPLS), CE L2VPN and an SD-WAN hybrid WAN. Colour key distinguishes links carrying encryption only from links carrying encryption plus an L2 tunnel.]
10. ConnectGuard™ Cloud in the ADVA portfolio
11. Secure connectivity across all networks
• Optical (physical connectivity): secure data center connectivity, 10 to 100 endpoints; certified solution
• Ethernet (virtual connectivity): secure VPN connectivity, 100 to 1,000 endpoints; certified solution
• Cloud (cloud connectivity): secure cloud connectivity, >1K to 100K endpoints
12. ADVA ConnectGuard™ security suite

Technology                 Product(s)                                Application
ConnectGuard™ Management   FSP NM Crypto Manager                     Encryption domain management
ConnectGuard™ Optical      FSP 3000                                  Secure data center connectivity
ConnectGuard™ Ethernet     FSP 150                                   Secure VPN connectivity
ConnectGuard™ Cloud        Connector Encryption, Ensemble Director   Secure cloud connectivity
13. ConnectGuard™ Cloud benefits
Implemented in Ensemble Connector Encryption and Ensemble Director
Cloud-native software encryption that can be hosted on uCPE or in the cloud
• End-to-end encryption in multi-cloud environments; with authenticated mode enabled, tampering in transit is detected, closing man-in-the-middle attack vectors
• Flexible, policy-based and application-aware secure networking, point-to-point or mesh
• Encryption at Layer 2, 3 or 4 as needed: match the encryption to the application
• Based on FIPS-compliant technology from Senetas
Compute and bandwidth efficiency
• Greatly improved throughput, overhead and latency versus IPsec: 8 to 24 bytes of per-packet overhead versus 76
• Minimizes the cost of the hosting server; no need for hardware appliances
Encrypted connections can be shared by multiple applications
• No need to rely on SD-WAN or firewall encryption
• Encryption functionality is separated from the VNFs for layered security
• Eliminates the need for piecemeal application security
Automated key management for operational simplicity
• No need for an externally managed IKE or PKI system
14. Why use Ensemble Connector?
Connector provides cloud-native computing (Linux/KVM/OpenStack), plus:
1. Accelerated vSwitch
2. Carrier Ethernet 2.0
3. Networking incl. LTE
4. Zero touch commissioning (ZTC)
5. Embedded cloud (OpenStack)
6. Integrated OS with open interfaces
7. Device scalability
8. Telco management
9. High availability
10. Platform security
11. Encryption engine
12. Local router
[Diagram: two software stacks side by side. Ensemble Connector stack: server (Intel Xeon and Intel Atom), Linux (CentOS), hypervisor (KVM/QEMU), Connector virtual switch (1), CE 2.0 (2), network (3), ZTC (4), OpenStack (5), Ensemble Connector (6), telco management (8), HA (9), security (10), encryption (11) and local router (12), hosting VNFs/VMs. Standard cloud environment: the same server, Linux (CentOS) and KVM/QEMU hypervisor with an OVS and DPDK virtual switch hosting VNFs/VMs, without the numbered functions.]
15. Benefits of ConnectGuard™ Cloud
Provided by Ensemble Connector Encryption
16. Integrated key derivation function (KDF)
• Integrated KDF for managing the key lifecycle
• Secure centralized key management that delivers keys from a FIPS-certified appliance
• Automatic key updates managed with timestamps
• Manages keys at Layer 2, 3 and 4
• FIPS-compliant technology for multi-layer encryption
• Random number generator with entropy equivalent to hardware platforms
• Scales to thousands of endpoints
• No master/slave requirement
• Zero touch provisioning
17. Flexible encryption options
• AES-256 in CTR or GCM mode
• Confidentiality only (CTR) or confidentiality + authentication (GCM)
• Multi-layer simultaneous encryption policies:
  • Layer 2: Ethernet (MAC or VLAN)
  • Layer 3: IPv4/IPv6 subnets
  • Layer 4: IP + port
• NAT passthrough
• NetFlow/J-Flow support
• Policy-based routing
Low overhead per packet; the best case is one third of the per-packet overhead of military-grade IPsec. Overhead:
• 8 bytes encryption header (sender ID, key bank, frame counter)
• 4 bytes additional header for TCP (Layer 4 encryption only)
• 16 bytes authentication tag (optional; present only in confidentiality + authentication mode)
Note that confidentiality-only CTR mode provides no integrity: flipping a ciphertext bit flips the same plaintext bit undetected, so choose the authenticated (GCM) mode unless an upper layer authenticates the traffic itself.
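The per-packet overhead figures on slides 13 and 17 are easier to reason about in code. The block below is an added example, not ADVA or Senetas code, and the deck does not publish a wire format: the 2/1/1/4-byte split of the 8-byte header (with a spare flags byte) is an assumption chosen for illustration, as is the treatment of the frame counter as the per-key CTR/GCM nonce input, which is why the packer refuses to send once the counter would wrap. The comparison uses the deck's own 76-byte IPsec figure.

```python
"""Per-packet overhead and framing model for the ConnectGuard Cloud encapsulation
described on slide 17, compared with the 76-byte IPsec figure quoted on slide 13.

Added example, not ADVA or Senetas code. Assumptions not taken from the deck:
  * How the 8-byte header splits into fields. The deck names sender ID, key bank
    and frame counter; the 2/1/1/4-byte layout below (with a spare flags byte)
    is invented for illustration.
  * That the frame counter feeds the AES-CTR/GCM nonce, so it must never repeat
    under one key and the key must rotate before the counter wraps.
"""
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

IPSEC_OVERHEAD = 76   # bytes per packet, the deck's figure for military-grade IPsec
BASE_HEADER = 8       # sender ID + key bank + frame counter (slide 17)
L4_EXTRA = 4          # extra header bytes for TCP, Layer 4 encryption only
AUTH_TAG = 16         # AES-GCM authentication tag, present only in authenticated mode

HEADER_FMT = ">HBBI"  # assumed layout: sender_id, key_bank, flags, frame_counter
COUNTER_BITS = 32     # width of the assumed 4-byte frame counter


@dataclass(frozen=True)
class Header:
    sender_id: int
    key_bank: int
    flags: int
    frame_counter: int


def overhead_bytes(layer: int, authenticated: bool) -> int:
    """Bytes the encapsulation adds to one packet at the given layer and mode."""
    if layer not in (2, 3, 4):
        raise ValueError("layer must be 2, 3 or 4")
    total = BASE_HEADER + (L4_EXTRA if layer == 4 else 0)
    return total + (AUTH_TAG if authenticated else 0)


def ratio_vs_ipsec(layer: int, authenticated: bool) -> float:
    """Overhead relative to the deck's 76-byte IPsec figure (24/76 for L2/L3 with tag)."""
    return overhead_bytes(layer, authenticated) / IPSEC_OVERHEAD


def goodput_fraction(payload_len: int, overhead: int) -> float:
    """Share of bytes on the wire that carry payload for one packet."""
    return payload_len / (payload_len + overhead)


def frames_before_rekey(counter_bits: int = COUNTER_BITS) -> int:
    """Frames one key may protect before the counter (the nonce input) would repeat."""
    return 2 ** counter_bits


def pack_frame(hdr: Header, ciphertext: bytes, tag: Optional[bytes] = None) -> bytes:
    """header || ciphertext || optional tag. Refuses a counter that has wrapped."""
    if not 0 <= hdr.frame_counter < frames_before_rekey():
        raise OverflowError("frame counter exhausted: rekey before sending more frames")
    if tag is not None and len(tag) != AUTH_TAG:
        raise ValueError("authentication tag must be %d bytes" % AUTH_TAG)
    head = struct.pack(HEADER_FMT, hdr.sender_id, hdr.key_bank, hdr.flags, hdr.frame_counter)
    return head + ciphertext + (tag or b"")


def unpack_frame(frame: bytes, authenticated: bool) -> Tuple[Header, bytes, Optional[bytes]]:
    """Inverse of pack_frame; the caller must verify the tag before trusting the body."""
    min_len = BASE_HEADER + (AUTH_TAG if authenticated else 0)
    if len(frame) < min_len:
        raise ValueError("frame too short for its declared mode")
    hdr = Header(*struct.unpack(HEADER_FMT, frame[:BASE_HEADER]))
    body = frame[BASE_HEADER:]
    if authenticated:
        return hdr, body[:-AUTH_TAG], body[-AUTH_TAG:]
    return hdr, body, None


def comparison_table(payloads: Tuple[int, ...] = (64, 512, 1500)) -> List[Tuple[int, bool, int, float, List[float]]]:
    """Rows of (layer, authenticated, overhead, ratio vs IPsec, goodput per payload size)."""
    rows = []
    for layer in (2, 3, 4):
        for auth in (False, True):
            oh = overhead_bytes(layer, auth)
            rows.append((layer, auth, oh, round(oh / IPSEC_OVERHEAD, 3),
                         [round(goodput_fraction(p, oh), 3) for p in payloads]))
    return rows


if __name__ == "__main__":
    print("IPsec goodput at 64-byte payload: %.3f" % goodput_fraction(64, IPSEC_OVERHEAD))
    for layer, auth, oh, ratio, goodput in comparison_table():
        mode = "GCM (auth)" if auth else "CTR (conf only)"
        print("L%d %-15s %2d bytes  %.3f of IPsec  goodput %s" % (layer, mode, oh, ratio, goodput))
```

Running the table shows why the deck's "one third" best case matches the authenticated L2/L3 figure (24/76) rather than the bare 8-byte header, and why the header-only figure should not be quoted as the secure configuration: the rows without a tag are the malleable CTR mode. The counter check in `pack_frame` is the operational consequence of using a counter as nonce input; whatever the real counter width, rekeying has to happen before it repeats under the same key.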
18. Centralized key distribution with KDF
Optional alternative to the integrated KDF
• Single centralized platform for managing the key lifecycle
• FIPS-certified server* distributes keys to all endpoints
• Key server is tiered and redundant for resiliency
• Uses the industry-standard Key Management Interoperability Protocol (KMIP)
• Control plane isolation
• Scales to hundreds of thousands of endpoints
• Policy driven by:
  • Single key management system for all data
  • Key management required at a specific site
  • FIPS requirements
*SafeNet KeySecure or a Senetas hardware encryptor as the server
19. Why not use IPsec?
IPsec significantly impacts transmission performance
Actual measurements from a live test of 1 Gbit/s traffic over the internet

                  Plain internet   Connector Encryption   IPsec over internet
Throughput*       56% – 95%        56% – 86%              16% – 20%
Latency*          37 – 79 ms       37 – 79 ms             37 – 79 ms

*Depending on frame size, 64 bytes to 1M bytes
20. Summary and additional resources
21. Summary
Enterprises are moving workloads into the cloud, including consumption of IaaS, PaaS and SaaS services, in both multi-cloud and hybrid cloud models
Achieving multi-cloud benefits requires efficient, secure and transparent connectivity
Need a software solution that is compatible with uCPE and cloud deployments
• Encrypt all the way into the cloud
• Using low-cost uCPE servers at the customer site
• Efficient and low-overhead encryption
Benefits:
• Transport of Layer 2 traffic over Layer 2 or Layer 3 access
• Software solution that is compatible with existing encryption deployments
• Ability to encrypt at Layer 2, 3 or 4 depending on the requirements of the application
• Efficient encryption minimizes required processing and network overhead
• Modular, cloud-native architecture: supports uCPE and public cloud, provides choice
• Sophisticated key management
• Turnkey solutions available
22. Additional resources
• Securing zero touch for uCPE deployments
• Using the Cloud to Secure the Cloud
• Security is a many-layered thing
• Meet Anna and the future of virtualized encryption in the cloud
23. Thank you
IMPORTANT NOTICE
The content of this presentation is strictly confidential. ADVA Optical Networking is the exclusive owner or licensee of the content, material, and information in this presentation. Any reproduction, publication or reprint, in whole or in part, is strictly prohibited. The information in this presentation may not be accurate, complete or up to date, and is provided without warranties or representations of any kind, either express or implied. ADVA Optical Networking shall not be responsible for and disclaims any liability for any loss or damages, including without limitation direct, indirect, incidental, consequential and special damages, alleged to have been caused by or in connection with using and/or relying on the information contained in this presentation. Copyright © for the entire content of this presentation: ADVA Optical Networking.