Service Providers need to help their customers secure their IT environments. In this blog, we discuss how Turnium’s SD-WAN security features help MSSP, MSP, ISP, UCaaS/CCaaS and other service providers meet customer needs for secure communications.
The Foundation: Balancing Algorithms as the First Line of Defense
Within Turnium’s SD-WAN architecture, balancing algorithms provide the initial layer of network security. By distributing packets across multiple circuits and transport options such as wireline and wireless (optionally), Turnium ensures that no single circuit holds the entirety of your data, providing an inherent defense against unauthorized access.
Turnium fragments the packet stream and distributes individual packets across all available circuits, making it challenging for potential bad actors to intercept and reconstruct a coherent data stream.
This capability applies both to data and to real-time communications such as voice and video. By distributing packets from a voice call across multiple circuits, Turnium delivers sub-second, automated failover to ensure that calls remain active, even if one specific ISP encounters network problems.
Adding QoS for Your Over-the-top Voice Customers
In addition to balancing algorithms, the bi-directional Quality of Service (QoS) capability in Turnium’s SD-WAN platform ensures that sites that purchase hosted voice or contact center from a Turnium Partner have real-time or priority voice, contact center, or video packets identified and transmitted first, even over broadband circuits. Turnium provides multiple levels of pre-configured QoS and customization.
Elevating Security with Industry Standard Protocols
Complementing the inherent security provided by its balancing algorithms, Turnium employs industry-standard security protocols. The first option available is HMAC (hash-based message authentication codes). By utilizing MD5 hashing and a 30-byte secret key, HMAC facilitates data integrity. Though HMAC doesn’t introduce secrecy, it empowers receivers to detect alterations made by potential attackers, bolstering the overall security framework.
Encryption: Fortifying Data & Voice or Video Confidentiality
For those seeking additional protection, Turnium SD-WAN offers data encryption, even for real-time traffic such as voice or video. Together with Turnium’s balancing algorithms, encryption enables broadband or internet circuits to be used securely for all methods of communication.
Turnium encrypts communications using the DTLS 1.2 protocol. DTLS is based on SSL/TLS, and is defined in RFC 4347 and RFC 6347.
Two industry-standard ciphers, AES 128 and AES 256, can be deployed together with perfect forward secrecy, safeguarding encrypted traffic even in the event of a compromised private key. Noteworthy is that encryption operates at the individual circuit level, enabling independent encryption for each circuit within a bonded setup.
Streamlined Implementation and Monitoring
Turnium prioritizes user-friendly interfaces for seamless implementation and monitoring of security measures as well as for setting up multi-link connectivity for single and multi-site customers.
Enabling encryption is a straightforward process, allowing users to effortlessly navigate through deployed sites and visualize applied security levels.
For optimum AES encryption performance on CPE or edge nodes Turnium should be deployed on CPE featuring Intel chips with AES offload support.
Balancing Security and Performance — Secure Communications for MSSP, MSP, ISP, UCaaS/CCaaS
Turnium’s SD-WAN solution, especially when deployed on devices with AES offload support, maintains high-security standards without compromising efficiency. The commitment to industry-standard ciphers and the seamless integration of security features make Turnium’s SD-WAN product an ideal choice for tech-savvy MSSP, MSP, ISP, and UCaaS/CCaaS providers that need to prioritize voice, video, and data security for their customers.
Stay informed on the latest advancements in SD-WAN technology and security best practices by subscribing to Turnium’s newsletter. Your network’s security is our top priority, and we’re committed to providing the technical community with cutting-edge insights into the world of SD-WAN.