Arqit NetworkSecure™ Adaptor - Juniper
Juniper and Arqit VPN Encryption Solution
Integrated, Automated, On-Demand Quantum-Safe Protection of VPN Data Communications
Arqit and Juniper have partnered to deliver an industry-leading security solution by integrating Juniper SRX firewalls and virtual SRX firewalls (vSRX) with the QuantumCloudTM Symmetric Key Agreement Platform.
The solution provides quantum-safe symmetric keys that can be created and rotated on demand to encrypt and protect sensitive data between point-to-point VPN links.
It also delivers enhanced security against today’s human-in-the-middle attacks and the future quantum threat, reducing the administrative burden and inefficiencies of current asymmetric encryption solutionsBook a Demo
Encryption is an essential security and compliance control for safeguarding sensitive data against an increasingly sophisticated threat landscape
Symmetric keys are universally used to encrypt internet traffic; however, current approaches for generating shared symmetric keys between two endpoints are vulnerable to attack and difficult to set up and administer. These approaches include:
These are often complex, and if not correctly configured, organisations increase their risk of attacks and data breaches. There are additional potential risks in the future, posed by adversaries using quantum technology for decryption.
Physical delivery of cryptographic keys
This can be inefficient and restricts the ability to achieve the high-frequency, rapid, and on-demand symmetric key rotation associated with the highest level of security.
Arqit and Juniper have established a technology partnership to provide organisations with an additional layer of security to protect IPSec VPN traffic against current attacks and the quantum threat, both of which exploit weaknesses in asymmetric (public) key cryptography. The joint solution also improves efficiency, flexibility, and scalability at a lower cost.
Integration of the Juniper vSRX firewall with Arqit’s QuantumCloud SKA Platform provides quantum-secure symmetric keys that can be used to enhance the security and manageability of IPSec connections between customer locations.
Each vSRX firewall connects securely to its designated Arqit Adaptor over the local network, using mutually authenticated and encrypted TLS sessions. When point-to-point VPN sessions are initiated by Juniper firewalls or re-keying of existing tunnels is required, each participating firewall requests a shared quantum-safe key from its respective local network adaptor server, using the standardized ETSI 014 network protocol. The Arqit Adaptors agree to a shared symmetric key with each other, using the QuantumCloud SKA Platform as the key broker.
The keys are delivered in near real time to the requesting firewalls over the ETSI interface. The vSRX firewall uses the keys in constructing the IPSec VPN tunnel to provide enhanced data protection.
The vSRX firewall mixes the QuantumCloud keys with the IKEv2 negotiated keys as per RFC 8784 to construct the IPSec VPN tunnel that provides enhanced data protection.Get NetworkSecure Now
Creates quantum-secure data links and supports a quantum- secure deployment
Mitigates risks and complexities associated with PKI for data in transit protocols IPSec/IKE
Usable with existing and proven data encryption standards, such as AES 256 and compatible with RFC 8784 for mixing pre-shared keys in IKEv2
Scalable creation of shared symmetric keys between any connected SRX firewalls, no distribution of keys
Easy-to-use Arqit console for device management and policy enforcement, e.g. for device permissions, grouping, and key rotation rate
Supports zero-trust: Quantum-secure session keys are known only to SRX firewalls and never sent across the network