CipherEngine Policy & Key Management Whitepaper

A Smarter Approach to Protecting Data in Motion

Protecting data in motion has become a high priority for a growing number of companies. As more companies face the real and growing threat of data theft, along with increased regulatory pressure to protect their data, encryption of data in motion has gone from a "nice to have" technology to a budgeted project. However, companies that have deployed IPsec VPNs across their network have discovered that while encryption is a great mode of data protection, the deployment and management of network encryption is difficult, time consuming and largely incompatible with other network requirements, such as flexibility, performance and intelligent traffic routing.

The heart of the problem is that organizations are trying to use a method managing encryption that was only designed to secure point-to-point links, not the any-to-any network in use today. Originally defined in 1998, IKE was and is a remarkably efficient and creative method for enabling shared encryption keys between two routers or VPN encryption blades. It is, however, very inefficient and complicated when it comes to encrypting data over modern networks.

Encryption often gets the blame for poor network performance (in terms of bandwidth and latency) and time-consuming management, but upon closer examination, one finds that the issue is not encryption, but encryption set-up and management. This white paper discusses the underlying issues with using a point-to-point policy and key management system for network encryption. It also introduces a policy and key management solution that makes network encryption quick to set up, easy to manage, and transparent to network and application performance and behavior...


  Read More - Download the entire whitepaper