  • “Assurance is best addressed during the initial design and engineering of security systems, NOT as an after market patch. The earlier you include a security architect in your design process, the greater the likelihood of a successful and robust design. As the quip goes, he who gets to the (module) interface first wins.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", AusCERT 2008

  • “Given their power to intercept and disrupt secret communications, it is not surprising that quantum computers have the attention of various U.S. government agencies. The National Security Agency, which supports research in quantum computing, candidly declares that given its interest in keeping U.S. government communications secure, it is loath to see quantum computers built. On the other hand, if they can be built, then it wants to have the first one.”

    Prof Seth Lloyd of MIT, MIT Review 2008

  • “Briefly and simply, assurance work makes a user or a creditor more confident that the system works as intended without flaws, without surprises, even in the presence of malice.” … “The major shortfall is absence of assurance or safety mechanisms in software.  If my car crashed as often as my computer does, I’d be dead by now.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", AusCERT 2008

Synaptic Assure VPN Exoskeleton Home

Protect the security of critical data over public and private networks with Assure VPN Exoskeleton!

Problem

Access to critical data within your organisation, and by contractors outside of your organisation, is often protected by using virtual private networks (VPNs). There are two common VPN protocols: IPsec and SSL VPN. Both of these VPN protocols rely on at-risk, standards-based cryptography to perform key-exchange and authentication operations between users. When these at-risk components fail, VPN traffic previously recorded in "wait-and-see" attacks will be discoverable at that time by an attacker.

If your organisation employs VPN technologies, then the sensitive information you entrusted to these technologies may be exposed in the relatively near future!

Solution

Synaptic Labs' Assure VPN Exoskeleton will address these known risks by wrapping around and protecting IPsec and SSL VPN traffic.



Specifically, one Assure VPN Exoskeleton is placed in front of the VPN Server and another in front of the VPN Client. The two Exoskeletons monitor the Internet-facing traffic of the VPN software and protect the at-risk portions of the VPN traffic using robust post-quantum secure techniques. The standards-based VPN protocols are not modified, and the interoperability between VPN products is maintained.

For performance-sensitive applications, only the cipher parts that are known today to be at risk of catastrophic failure are protected. For applications that require long-term security assurances, the full range of defensive counter-measures is applied. These defensive counter-measures are designed to protect your data in the event that the practical security of AES-256 is compromised by new attacks that have not been invented yet.

Protection with minimal disruption

VPN client software, such as that included in Microsoft, Apple and Linux operating systems, can be protected without modification. VPN server software hosted on desktops can be protected without modification. Independent security boundaries can be enforced by running the Assure VPN Exoskeleton on a computer or hardware security module that is independent of the VPN server software/hardware.

Protection for VPN services implemented in VPN hardware devices (such as routers) will be implemented easily by the VPN manufacturer using our software development kit (currently in development) and supplied as a firmware update to run on existing customer hardware.

Protecting large and complex legacy systems with minimal disruption

An organisation will be able to deploy the Assure VPN Exoskeleton to protect all existing IT investments without modifying existing software or hardware, even if the original vendors do not integrate the Assure technologies directly into their products.  This is a critical feature as large organisations require the ability to rapidly and uniformly upgrade all parts of their infrastructure with minimum disruption, minimum barriers and a minimum of adjustment.  They also require the ability to do this without compromising or removing existing FIPS 140 compliance.

An added benefit is that the Assure VPN Exoskeleton will be designed to support centralised auditing and access control by your organisation, allowing legacy components to be upgraded to satisfy new legislative security requirements.

A smart card and hardware security module based solution

The Assure VPN Exoskeleton employs Assure Tokens (in the form of smart cards or hardware security modules) on the client and server side to achieve unprecedented levels of long-term security assurance at low cost, protecting an organisation's information assets and their investments through the application of Synaptic Labs' post-quantum security technologies.

Last Updated on Friday, 12 June 2009 14:00