TRU-SECC
TRU-3-SECC PCC TRU-3
  • Trusted - Telecom - Transport
  • Redundant  - Reliable -  Rails
  •        Uninterrupted - Unified - UserSpace
SECC = Secure Electronic Communication Circuits. PCC = Private Communications Circuit The ECI TruSecc PCC is a specialized communication protocol that is the layer for our network topology was developed over 12 years from the technologies of DecNet, Token, Mesh, FiberNet, ARC, MPM, TurboDOS, AIX, VMS, NetBui, IPX/SPX, RDP, VNC, and VPN. Our system overcomes the security factor using dedicated hardware, IoT, SDN, special tunneling protocols and military based encryption procedures.  TruSecc is a truly protected secured network. Since these operations occur over any type of communications network, our PCC solutions can cost significantly less to implement than privately owned or leased services. (more…)
Hardened Security
One of the often-repeated maxims of network communication security is that one should never place so much trust in a single security component that its failure causes a catastrophic security breach. We use several mechanisms to add additional security layers to hedge against such an outcome. The tls-auth directive adds an additional HMAC signature to all SSL/TLS handshake packets for integrity verification. Any UDP packet not bearing the correct HMAC signature can be dropped without further processing. The tls-auth HMAC signature provides an additional level of security above and beyond that provided by SSL/TLS. It can protect against:
  • DoS attacks or port flooding on the OpenVPN UDP port.
  • Port scanning to determine which server UDP ports are in a listening state.
  • Buffer overflow vulnerabilities in the SSL/TLS implementation.
  • SSL/TLS handshake initiations from unauthorized machines (while such handshakes would ultimately fail to authenticate, tls-auth can cut them off at a much earlier point).
Using tls-auth requires that you generate a shared-secret key that is used in addition to the standard RSA certificate/key:
ECI TruSecc PCC-VPN

ECI TruSecc PCC-VPN Our PCC (Private Communication Ciruit) framework is based on OpenVPN's VPN security model and RealVNC RFB protocol for VNC can be summarized as such: Use the IPSec ESP protocol for tunnel packet security, but then drop IKE in favor of SSL/TLS for session authentication. This allows for a lightweight, portable VPN implementation that draws on IPSec's strengths, without introducing the complexity of IKE.

PCC stands for Private Communication Circuit.  PCC’s Benefit a company in the following ways -

  • Extends Geographic Connectivity- a PCC connects remote workers to central resources, making it easier to set up global operations.
  • Boosts Employee Productivity- A PCC solution enables telecommuters to boost their productivity by 22% - 45% (Gallup Organization and Opinion Research) by eliminating time-consuming commutes and by creating uninterrupted time for focused work.
  • Improves Internet Security – An always-on broadband connection to the Internet makes a network vulnerable to hacker attacks. Our PCC  solutions include additional security measures to counteract the different types of network security threats.
  • Scales Easily – A PCC allows companies to utilize the remote access infrastructure. Therefore, companies are able to add a virtually unlimited amount of capacity without adding significant infrastructure.
First we use hardware encryption generated and managed inside the infrastructure of the circuit thru our router nodes that connect every location over the internet but on its own private IP address space.  Once this network is established we use Host based VPN’s to double encrypt and further obfuscate the network. This second tunnel serves to segregate users and applications to reduce exposure an eliminate target illumination. A low level of “squitter traffic generated on the hardware encrypted network to maintain network quality and performance. This also obfuscates all metadata available to external sources. While it's impossible to assure with certainty that no weaknesses exist, ECI's TruSecc has multiple levels of security to protect against a single flaw causing a catastrophic security breach. For example, by using a specific null accounts you can ensure that even if some kind of remote buffer overflow exploit were discovered, the exploit would be unable to elevate its privilege to root. Another example is using SSL/TLS security with --tls-auth. Using --tls-auth ensures that even if a remote buffer overflow is discovered and exploited in the SSL/TLS authentication code in the OpenSSL library, it could not be used to attack an OpenVPN session that is protected with a --tls-authpassword. In addition, if you use SSL/TLS authentication, you have the benefit of "perfect forward secrecy". Overkill? Maybe but why not be "DeepSec" with "TruSecc" if you can? Virtual. Virtual means not real or in a different state of being. In a VPN, private communication between two or more devices is achieved through a public network the Internet. Therefore, the communication is virtually but not physically there. Private. Private means to keep something a secret from the general public. Although those two devices are communicating with each other in a public environment, there is no third party who can interrupt this communication or receive any data that is exchanged between them. Network. A network consists of two or more devices that can freely and electronically communicate with each other via cables and wire. A VPN is a network. It can transmit information over long distances effectively and efficiently. Secure Sockets Layer (SSL) is a cryptographic protocol that enables secure communications over the Internet. SSL was originally developed by Netscape and released as SSL 2.0 in 1995. A much improved SSL 3.0 was released in 1996. Current browsers do not support SSL 2.0. Transport Layer Security (TLS) is the successor to SSL. TLS 1.0 was defined in RFC 2246 in January 1999. The differences between TLS 1.0 and SSL 3.0 were significant enough that they did not interoperate. TLS 1.0 did allow the ability to downgrade the connection to SSL 3.0. TLS 1.1 (RFC 4346, April 2006) and TLS 1.2 (RFC 5246, August 2008) are the later editions in the TLS family. Current browsers support TLS 1.0 by default and may optionally support TLS 1.1 and 1.2. Hypertext Transfer Protocol Secure (HTTPS), or “HTTP Secure,” is an application-specific implementation that is a combination of the Hypertext Transfer Protocol (HTTP) with the SSL/TLS. HTTPS is used to provide encrypted communication with and secure identification of a Web server. In addition to HTTPS, SSL/TLS can be used to secure other application-specific protocols such as FTP, SMTP, NNTP and XMPP. Virtual Network Computing (VNC) is a process by which a system’s desktop can not only be viewed but also engaged in an interactive session as well. The use of such a tool gives the system administrator the ability to administer and troubleshoot a system remotely. In this way, a target system on the next floor, the next building or even at an employee’s home is within reach. There are other methods available of establishing this type of remote viewing. The obvious example is Symantec’s PCAnywhere(http://www.symantec.com/pcanywhere/Consumer/). A VPN - Virtual Private Network - is one solution to establishing long-distance and/or secured network connections. VPNs are normally implemented (deployed) by businesses or organizations rather than by individuals, but virtual networks can be reached from inside a home network. Compared to other technologies, VPNs offers several advantages, particularly benefits for wireless local area networking. For an organization looking to provide a secure network infrastructure for its client base, a VPN offers two main advantages over alternative technologies: cost savings, and network scalability. To the clients accessing these networks, VPNs also bring some benefits of ease of use. A VPN supplies network connectivity over a possibly long physical distance. In this respect, a VPN is a form of Wide Area Network (WAN). The key feature of a VPN, however, is its ability to use public networks like the Internet rather than rely on private leased lines. VPN technologies implement restricted-access networks that utilize the same cabling and routers as a public network, and they do so without sacrificing features or basic security. A VPN supports at least three different modes of use: Remote access client connections LAN-to-LAN internetworking Controlled access within an intranet Virtual private networks (VPNs) are generally considered to have very strong protection for data communications. What are the key VPN security technologies? So-called secure VPNs provide both network authentication and encryption. Secure VPNs are most commonly implemented using IPsec or SSL. Using IPsec for VPN Security IPsec has been the traditional choice for implementing VPN security on corporate networks. Enterprise-class network appliances from companies like Cisco and Juniper implement the essential VPN server functions in hardware. Corresponding VPN client software is then used to log on to the network. IPsec operates at the layer 3 (the Network layer) of the OSI model. Using SSL for VPN Security SSL VPNs are an alternative to IPsec that rely on a Web browser instead of custom VPN clients to log on to the private network. By utilizing the SSL network protocols built into standard Web browsers and Web servers, SSL VPNs are intended to be cheaper to set up and maintain than IPsec VPNs. Additionally, SSL operates at a higher level than IPsec, giving administrators more options to control access to network resources. However, configuring SSL VPNs to interface with resources not normally accessed from a Web browser can be difficult. Limitations of a VPN Despite their popularity, VPNs are not perfect and limitations exist as is true for any technology. Organizations should consider issues like the below when deploying and using virtual private networks in their operations: 1. VPNs require ?a detailed understanding of network security issues and careful installation / configuration to ensure sufficient protection on a public network like the Internet. 2. The reliability and performance of an Internet-based VPN is not under an organization's direct control. Instead, the solution relies on an ISP and their quality of service. 3. Historically, VPN products and solutions from different vendors have not always been compatible due to issues with VPN technology standards. Attempting to mix and match equipment may cause technical problems, and using equipment from one provider may not give as great a cost savings. The term “VPN,” or Virtual Private Network, has become almost as recklessly used in the networking industry as has "QoS"  (Quality  of  Service) to describe a broad set of problems and "solutions," when the objectives themselves have not been properly articulated.  This confusion has resulted in a situation where the popular trade press, industry pundits, and vendors and consumers of networking technologies  alike, generally use the term “VPN” as an offhand reference for a set of different technologies. This paper attempts to provide a common sense definition of a VPN, and an overview of different approaches to building them.

TRU-SECC

TRU-3-SECC PCC

TRU-3

  • Trusted – Telecom – Transport
  • Redundant  – Reliable –  Rails
  •        Uninterrupted – Unified – UserSpace

SECC = Secure Electronic Communication Circuits.

PCC = Private Communications Circuit

The ECI TruSecc PCC is a specialized communication protocol that is the layer for our network topology was developed over 12 years from the technologies of DecNet, Token, Mesh, FiberNet, ARC, MPM, TurboDOS, AIX, VMS, NetBui, IPX/SPX, RDP, VNC, and VPN.

Our system overcomes the security factor using dedicated hardware, IoT, SDN, special tunneling protocols and military based encryption procedures.  TruSecc is a truly protected secured network. Since these operations occur over any type of communications network, our PCC solutions can cost significantly less to implement than privately owned or leased services. (more…)

PCC - Global
21%
PCC - USA
46%
PCC-Europe / Asia
46%
PCC - Africa
31%
TRU-SECC RFC
63%

Our Technology

Overview

ECI TruSecc PCC-VPN

TRU-SECC

ECI RFC’s

Infrastructure & Technology

Why Choose Us

Hardened Security
One of the often-repeated maxims of network communication security is that one should never place so...
ECI TruSecc PCC-VPN
ECI TruSecc PCC-VPN Our PCC (Private Communication Ciruit) framework is based on OpenVPN's VPN se...
TRU-SECC
TRU-3-SECC PCC TRU-3 Trusted - Telecom - Transport Redundant  - Reliable -  Rails     
DeepSec
DeepSec - is our "Under-Ware".  The concept comes from the creation of a hybrid combining operating
VPN
In the context of RFC 2547bis, our PCC is a collection of policies, and these policies control conne...

Meet Our Team

Scott Provost
VP Engineering
Leland Brady
Sr VP
Jerry Byrd
VP Operations

OUR FACTS

99
Circuits
99
PCC Nodes
99
ECI-POP's
99
SDN's

We are Associated with

logo logo logo logo

Facts in Evidence

Hardened Security

One of the often-repeated maxims of network communication security is that one should never place so much trust in a single security component that its failure causes a catastrophic security breach. We use several mechanisms to add additional security layers to hedge against such an outcome. The ...

Latest Posts

Secure Email Options for Message Privacy
June 21, 2017
Fairly Secure, Actually via Creative Commons Search Many of us had assumed our feeble Gmail passwords were secure enough to ke...
Security Overview
April 15, 2017
OpenVPN cryptographic layer This is a technical overview of OpenVPN's cryptographic layer, and assumes a prior understanding of modern cryptographic concep...

Contact Us

  • Minnesota, California, Texas, New York, Florida, Nigeria, Kenya, Israel
  • Phone: 800 568-4324
  • Email: security@ecinetworks.com
  • Website: http://trusecc.com