New XStream IP features, including AES-256 point-to-multipoint encryption, added to Q-NET satellite network
June 15, 2018
Paradise has today announced the immediate availability of AES-256 point-to-multipoint encryption for our Q-NET™ satellite network solution. Previously, AES-256 encryption has only been available on our point-to-point modems. The point-to-multipoint encryption provides the user with the option of using a unique encryption key at every remote site. This is used to encrypt the payload of all packets to be sent to the specific remote in the shared outbound from the hub Q-MultiFlex. This ensures each remote modem can access only its own traffic. This is crucial in situations where multiple different end user organisations share the same network infrastructure (VLANs used in isolation provide traffic separation but do not provide security). When AES-256 encryption is enabled then all user IP packets and M&C messages are encrypted, without any exceptions. The remote modem uses the same key to encrypt the data associated with its inbound carrier going back to the hub.
AES-256 is the strongest form of AES encryption and is the de-facto standard for state-of-the-art encryption systems. Encryption can be used to authenticate and validate the satellite link, assuming each link uses a unique key. If a link were to be established between modems where they do not share the same encryption key then, while the carrier could potentially be correctly demodulated and decoded, the packets would not be decrypted, meaning that a working link with valid data can only be established between authorised users.
AES encryption is part of XStream IP™, which is our integrated set of IP optimization and traffic management features designed for maximum reliability and bandwidth efficiency. Amongst the other new features included in the latest version of XStream IP™ is support for Virtual Routing and Forwarding (VRF) which allows multiple routing tables to exist within the modem at the same time. One of the common uses of VRF is to support inter-VLAN routing, which allows network devices on different VLANs to communicate with each other. VRF is now supported on all Paradise modem products.
The Q-NET™ satellite network platform is our scalable satellite communications system supporting highly-efficient bandwidth technology and advanced carrier and traffic management. Information on Q-NET™ can be found on our products page.
© 2014-2019 Teledyne Paradise Datacom