I'm looking for the simplest way to do it. Most customers have L2 connections between Data Centers. The edge device controlled by the customer is a Layer 2 Switch. The mechanisms like IPSec, GETVPN, FlexVPN, an so on, need a router in the edge. This implies modification of the customer's topologies. L2 encryption seems the perfect solution and it seems there are several options on the market.
Regards, Antonio Soares, CCIE #18473 (RS/SP) amsoa...@netcabo.pt http://www.ccie18473.net -----Original Message----- From: Jeff Orr [mailto:j...@communicorr.com] Sent: domingo, 2 de Fevereiro de 2014 17:25 To: Antonio Soares Cc: <cisco-nsp@puck.nether.net> Subject: Re: [c-nsp] Transparent WAN Encryption If you are using a private MPLS (I.e. Not over Internet) & have Cisco CE routers consider GETVPN. For the reasons you mentioned, we as a customer went this direction. We needed to ensure our WAN (150 sites/multiple data centers)traveling across a variety of links/providers including DS1/DS3/Metro-e is secure. It has really scaled & worked well. GETVPN is VRF aware & can function on the PE side as well. -jeff Sent from my AT&T iPhone > On Feb 1, 2014, at 9:16 PM, Antonio Soares <amsoa...@netcabo.pt> wrote: > > Hello group, > > > > Service Provider WAN links are not secure anymore and I have more and > more enterprise customer asking transparent WAN encryption solutions. > I came across these two products: > > > > EncryptTight: > > > > http://www.blackbox.com/Store/Results.aspx/Networking/Security-Optimiz > ation/ > Encryption/n-4294953119 > > > > TrustNet: > > > > http://www.certesnetworks.com/securitysolutions/wan-encryption.html > > > > Anyone has experience with these products ? This seems the ideal solution. > The networks remain exactly the same as they were, we simply add these > devices to do their job. > > > > > > Thanks. > > > > Regards, > > > > Antonio Soares, CCIE #18473 (RS/SP) > amsoa...@netcabo.pt > > http://www.ccie18473.net <http://www.ccie18473.net/> > > > > > > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/