- Solutions
- Products
- Services & Support
- Blog
- About
- Contact
Point to point or multi-point: securely connected with Centurion.
Using the Centurion Network Encryptors, (als called layer-2 encryptors and layer-2 over layer-3 encryptors) you can easily and cost-effectively secure broadband communications. It is the securest way to connect two or more sites. Through its native support of Ethernet and IP Centurion is ideal for all layer-2 encryption and layer-3 encryption over carrier Ethernet, MPLS and IP networks in any configuration: link, point-to-point, point-to-multipoint or mesh. No network reconfiguring nor sacrificing performance is required.
Securing networks is the prime domain of the Securosys Centurion Network Encryptor (layer-2 encryptor and layer-2 over layer-3 encryptor). Simple use case range from a point to point setup to connect headquarters to its datacenter and expand to complex multi-site systems connecting hundreds of sites. Using the proven, industry standard 256 bit AES algorithm with symmetrical AES-GCM authentication combined with true random number generators with quantum effects results in the securest solution for any communications system. Centurion Network Encryptors operate at bandwidths from 100Mbit/s to 100Gbit/s.
Encryption, key exchange, and signature are using the strongest commercially available algorithms with key strength of 256 bits. The mature and proven key management supports both paired keys as well as bi-directional group keys and handles even the most complex network topologies with ease. The partial keys of the asymmetric Diffie-Hellman key exchange are signed and encrypted with a 256 bit AES key, resulting in a quantum computer safe key exchange. On top, the entire control plane is encrypted using authenticated symmetrical AES-GCM encryption at the native network layer. All processes, including key storage, take place in tamper-proof boxes, limiting any attack vectors.
The Centurion Network Encryptors (layer-2 encryptor and layer-2 over layer-3 encryptor) combine a secure device with a secure data plane, a secure control plane, and a secure management plane. They provide a protection level of "High Assurance" and are the best choice for the protection of government and enterprise multi-site networks with high security requirements. For the most stringent security requirements, the Centurion Network Encryptors also provide the option of traffic flow security, a mechanism that completely obfuscates network traffic. The Centurion Network Encryptors can secure your networks in a way that leaves any attacker frustrated. Uncompromising security. "Deploy and forget" instead of "patch and pray" also reduces operating costs and increases availability.
The Centurion Network Encryptors include extensive multi-tenancy support and are also a perfect fit for managed security services. They integrate seamlessly with existing Network Operation Center (NOC), and Security Operation Center (SOC). Centurion is particularly suitable when high availability with low latency is required and where communications between servers, PBXs, terminal systems, databases and audio / video systems must be protected.
The Centurion Network Encryptors (layer-2 encryptor and layer-2 over layer-3 encryptor) provide secure encryption without the need to replace the whole network infrastructure. The Centurion appliance is autonomous and operates independently in point-to-point or large WAN networks. It is transparent to all higher layer network protocols. It is drop-in, that means it can be deployed without changing the network infrastructure or changing other network devices. It allows organizations to implement a security solution quickly with minimal network disruption while preserving current investments.
Centurion systems provide a stable backbone to any multi-site infrastructure. Thanks to its uncompromising security remote sites can connect to headquarters on the network level. It is designed with the focus on “deploy and forget” rather than a constant “patch and pray”. This reduces operating cost and increases availability – key performance indicatiors in any communications system.
Supported networks
Supported topologies
Assurance Level
High
Your investment is protected
Triple network security
Authenticated encryption
Short key renewal intervals (Frequent change of keys reduces amount of data available for crypto analytics)
Quantum computer safe key exchange: Diffie-Hellmann partial keys are signed/encrypted with a symmetrical AES 256 bit key and control plane is additionally secured using the same protection level as for the data plane.
Perfect forward secrecy due to asymmetric Elliptic Curve Diffie-Hellman with 521 bit encryption technology (AES256-GCM, 512Bit ECC)
Simple setup, configuration, and operation
Hardware true random number generation (TRNG) using two different stochastic physical quantum effects.
Optional trafficflow security
Interoperable with other Securosys products
No modification of existing network infrastructure
No change to existing redundancy setup
Please find here our product overview or solutions overview page.