Protecting data in motion has become a high priority for a growing number of companies. As more companies face the real and growing threat of data theft, along with increased regulatory pressure to protect their data, encryption of data in motion has gone from a "nice to have" technology to a budgeted project. However, companies that have deployed IPsec VPNs across their network have discovered that while encryption is a great mode of data protection, the deployment and management of network encryption is difficult, time consuming and largely incompatible with other network requirements, such as flexibility, performance and intelligent traffic routing.
Protecting data in motion has been a best practice since the introduction of networking. As networking technologies have changed, so has the data in motion security technology. With today's IP based networks, the data in motion standard is IPSec for data packet protection and Internet Key Exchange (IKE) for point-to-point key management.
Adding data security to today's networks does not have to be overly complicated. While one could get the job done by spending the time and expense necessary to configure an IKE tunnel for each possible connection from each endpoint router, the availability of CipherEngine makes that option unnecessary and impractical. Hopefully, this whitepaper has provided its' readers with an understanding of the real issues that come from using IKE for network encryption and how CipherEngine eliminates these issues.