Today, communication and the exchange of data is part of the daily routine in all industries - whether companies, government agencies or critical infrastructure operators. Security is critical to success, because the data exchanged is strategic, personal, often mission-critical and mostly confidential. If data is not securely encrypted, hackers can read it, modify it or disrupt data transmission.

Infrastructure often lacks protection
Several examples from the recent past show how vulnerable organisations are. In October 2022, train services in Northern and Western Germany came to a complete standstill for several hours. The reason: unknown persons had cut Deutsche Bahn's fibre-optic cables, thereby shutting down the digital radio system. A few months earlier, a cyberattack severely limited satellite-based communications from wind turbines in Germany. Electricity production was able to continue unhindered. However, remote maintenance was disrupted. In the event of a problem, it could not have been solved remotely.

These attacks make it clear how great the effects of sabotage can be. And these attacks were only possible because the affected infrastructure was unprotected. The same goes for the transmission of highly sensitive information between different locations or data centres, because this data is often not, or insufficiently, protected against manipulation. Only highly secure encryption can really protect the data.

Network encryptors urgently needed
Anyone who wants to protect the integrity and confidentiality of their communication data when it leaves the company grounds therefore needs a network encryptor. These devices protect against espionage and manipulation of data transmitted via the Internet or Ethernet over fixed lines, radio kinks or satellite. As soon as the data leaves the company premises or data centre, it is encrypted for transport to the destination address. Once it arrives at its destination, the command is decrypted again, with the help of another device.

The challenge: Cryptographic protection should be highly secure and protect data from attackers. But, at the same time, it should not slow down a transmission. The key factor here is latency - the time it takes for data to travel from one point in a network to another.

An important factor for an efficient and secure encryption solution is the choice of the network layer. In principle, encryption is possible in every layer. Encryption on the Ethernet layer (layer 2) enables a particularly high data throughput with low latency, due to line redundancy and full meshing. Layer 2 encryption also encrypts the metadata of the communication partners. This makes them unreadable for unauthorised persons.

For companies that have an Ethernet network, layer 2 encryption is a good choice. Encryption at this layer provides basic security, with minimal performance loss, and users benefit from full line speed, with extremely low latency and encryption possible in real time. Layer 2 encryptors are suitable for use at central locations of critical infra-structures and in data centres, and also secure large and complex networks in a simple manner.

With over 30 years of crypto expertise, Rohde & Schwarz Cybersecurity is one of the pioneers in the field of network encryption. Its R&S SITLine ETH network encryptor product family - approved for securing classified data by the German Federal Office for Information Security - protects organisations from espionage and manipulation of data transmitted via Ethernet over fixed lines, radio links or satellite.