TRU-3-SECC PCC

TRU-3

  • Trusted – Telecom – Transport
  • Redundant – Reliable – Rails
  • Uninterrupted – Unified – UserSpace

SECC = Secure Electronic Communication Circuits.

PCC = Private Communications Circuit

The ECI TruSecc PCC is a specialized communication protocol that forms the layer for our network topology. It was developed over 12 years from the technologies of DECnet, Token, Mesh, FiberNet, ARC, MPM, TurboDOS, AIX, VMS, NetBEUI, IPX/SPX, RDP, VNC, and VPN.

Our system overcomes the security factor using dedicated hardware, IoT, SDN, special tunneling protocols and military-based encryption procedures. TruSecc is a truly protected, secured network. Since these operations occur over any type of communications network, our PCC solutions can cost significantly less to implement than privately owned or leased services.

In order to understand “TruSecc”, the following terms are required concepts:

Virtual.
Virtual means not real or in a different state of being. In a VPN, private communication between two or more devices is achieved through a public network, the Internet. Therefore, the communication is virtually, but not physically, there.

Private.
Private means to keep something a secret from the general public. Although those two devices are communicating with each other in a public environment, there is no third party who can interrupt this communication or receive any data that is exchanged between them.

Network.
A network consists of two or more devices that can freely and electronically communicate with each other via cables and wire. A VPN is a network. It can transmit information over long distances effectively and efficiently.

Communications:
Information exchanged; information transmitted or conveyed; a verbal or written message. A process by which information is exchanged between individuals through a common system of symbols, signs, or behavior (for example, the function of pheromones in insect communication); also, exchange of information. A system (as of telephones, telegraphs, or computers) for transmitting or exchanging information (for example, wireless electronic communications). A system of routes for moving data, troops, supplies, and vehicles. Personnel engaged in communicating; personnel engaged in transmitting or exchanging information. The technology of the transmission of information (as by print or telecommunication). Means of sending messages, orders, etc., including telephone, telegraph, radio, and television. Routes and transportation for moving troops and supplies from a base to an area of operations. Biology – activity by one organism that changes or has the potential to change the behavior of other organisms; the transfer of information from one cell or molecule to another, as by chemical or electrical signals.

Circuit:
Electricity. Also called electric circuit: the complete path of an electric current, including the generating apparatus, intervening resistors, or capacitors; any well-defined segment of a complete circuit. Telecommunications: a means of transmitting communication signals or messages, usually comprising two channels for interactive communication. A usually circular line encompassing an area; the space enclosed within such a line. A course around a periphery. The complete path of an electric current, usually including the source of electric energy. An assemblage of electronic elements; a hookup. A two-way communication path between points (as in a computer). A neuronal pathway of the brain along which electrical and chemical signals travel.

In electronics, a circuit is a path between two or more points along which an electrical current can be carried. (A circuit breaker is a device that interrupts the path when necessary to protect other devices attached to the circuit – for example, in case of a power surge.)  In telecommunications, a circuit is a discrete (specific) path between two or more points along which signals can be carried. Unless otherwise qualified, a circuit is a physical path, consisting of one or more wires (or wireless paths) and possibly intermediate switching points. A network is an arrangement of circuits. In a dial-up (switched) connection, a circuit is reserved for use by one user for the duration of the calling session. In a dedicated or leased line arrangement, a circuit is reserved in advance and can only be used by the owner or renter of the circuit.

Rail:
Electronics – A conductor which is maintained at a fixed potential and to which other parts of a circuit are connected. “the anode must be connected to the positive supply rail”

Virtual circuit:
A virtual circuit, sometimes called a logical circuit, is a path between two or more points that seems like a fixed physical path, but actually is one path out of many possible physical paths that can be arranged. A permanent virtual circuit (PVC) is a virtual circuit that provides a guaranteed connection between two or more points when needed without having to reserve or commit to a specific physical path in advance.

This allows many companies to share a common pool of circuits. This approach is used in a frame relay network and offers a committed set of resources to a telephone company customer at a lower price than if the customer leases their own circuits. A switched virtual circuit (SVC) is similar to a permanent virtual circuit, but allows users to dial in to the network of virtual circuits.

VPN:
Virtual Private Network is a generic term for a communication network that uses any combination of technologies to secure a connection tunneled through an otherwise unsecured or untrusted network. Instead of using a dedicated connection, such as a leased line, a “virtual” or “tunneled” connection is made between geographically dispersed users and networks over a shared or public network, like the Internet.

Data is transmitted as if it were passing through private connections. Prior to transmission, packets are encapsulated (wrapped) in a new packet with a new header. The header contains routing information. The logical path that the encapsulated packets travel through is called a tunnel. When each packet reaches the tunnel endpoint, it is “decapsulated” and forwarded to its final destination. Both tunnel endpoints need to support the same tunneling protocol.

Tunneling protocols operate at either layer 2 or layer 3 of the OSI (Open Systems Interconnection) model. A layer-2 VPN uses layer-2 frames, such as Ethernet, while a layer-3 VPN uses layer-3 packets, such as IP. A layer-3 VPN starts at layer 3, where it discards the incoming layer-2 frame and generates a new layer-2 frame at the destination. The most commonly used tunneling protocols are IPsec, L2TP, PPTP and SSL. A packet with a private, non-routable IP address can be sent inside a packet with a globally unique IP address, thereby extending a private network over the Internet.

A Virtual Private Network is defined as a network that uses public network paths but maintains the security and protection of private networks.

1) Provider-provisioned VPN: VPN service administered by service provider.
2) Secure VPN: Encryption and decryption are used.
3) Trusted VPN: Leased circuits supplied by a service provider.
4) Hybrid VPN: A mix of a secure and trusted VPN.

A VPN supports at least three different modes of use:

1) Remote access client connections
2) LAN-to-LAN internetworking
3) Controlled access within an intranet

A specially designed router or switch is then connected to each Internet access circuit to provide access from the origin networks to the VPN. The VPN devices create PVCs (Permanent Virtual Circuits: virtual circuits that resemble a leased line because they can be dedicated to a single user) through tunnels, allowing senders to encapsulate their data in IP packets that hide the underlying routing and switching infrastructure of the Internet from both the senders and receivers.

The VPN device at the sending facility takes the outgoing packet or frame and encapsulates it to move through the VPN tunnel across the Internet to the receiving end. The process of moving the packet using VPN is transparent to the users, the Internet Service Providers and the Internet as a whole. When the packet arrives on the receiving end, another device will strip off the VPN frame and deliver the original packet to the destination network.

1. VPNs require a detailed understanding of network security issues and careful installation / configuration to ensure sufficient protection on a public network like the Internet.

2. The reliability and performance of an Internet-based VPN is not under an organization’s direct control. Instead, the solution relies on an ISP and their quality of service.
3. Historically, VPN products and solutions from different vendors have not always been compatible due to issues with VPN technology standards. Attempting to mix and match equipment may cause technical problems, and using equipment from one provider may not give as great a cost savings.

The security configuration has to be protected 100% against tampering by the user, as it is impossible to ensure the security of a home user's PC if you cannot be certain it keeps the configuration you give it. It must enable your IT staff to ensure the anti-virus definitions, IDS signatures, etc. are kept up to date by enabling them to manage it from the company network. It must have the ability to disconnect the VPN tunnel, and preferably disconnect the network entirely, if any incidents occur.

It must, as a minimum, ensure that all the relevant security software is running and correctly configured while the VPN tunnel is open. Optimally, it should protect the PC at all times, so the user can trust his PC at all times, and to keep locally accessible company documents and the like from exposure while the VPN tunnel is closed.

It should be remotely configurable by your IT staff. Centralized management is much more effective when dealing with remote users' PCs (otherwise they would have to bring the PC to the office for each needed change, and if the need arises for a quick configuration change while the user and his PC are away on travel, you have a problem).
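One way to express the endpoint requirements above as a check that runs while the tunnel is open, as an added example and not TruSecc's own code. The field names, age limits and the three actions are assumptions, and HMAC stands in for an asymmetric signature, so the verification key must be stored where the user cannot read it.

```python
import hashlib
import hmac
import json
from datetime import datetime, timedelta, timezone

def sign_config(config: dict, key: bytes) -> str:
    """HMAC-SHA256 over canonical JSON; computed by IT when the config is pushed."""
    blob = json.dumps(config, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()

def evaluate_posture(config, signature, key, state, now):
    """Return (action, reasons); action is 'allow', 'drop_tunnel' or 'isolate'."""
    # A locally modified configuration cannot be trusted for any other check.
    if not hmac.compare_digest(sign_config(config, key), signature):
        return "isolate", ["security configuration modified locally"]
    # An open incident disconnects the network entirely, not only the tunnel.
    if state["open_incidents"]:
        return "isolate", [f"incident: {i}" for i in state["open_incidents"]]
    reasons = []
    for svc in config["required_services"]:
        if svc not in state["running_services"]:
            reasons.append(f"{svc} not running")
    for feed, max_days in config["max_age_days"].items():
        updated = state["last_update"].get(feed)
        if updated is None or now - updated > timedelta(days=max_days):
            reasons.append(f"{feed} out of date")
    return ("drop_tunnel" if reasons else "allow"), reasons

# Constructed sample data, not taken from any real deployment.
KEY = b"constructed-demo-key"
CONFIG = {"required_services": ["antivirus", "ids"],
          "max_age_days": {"av_definitions": 2, "ids_signatures": 7}}
SIGNATURE = sign_config(CONFIG, KEY)
NOW = datetime(2024, 1, 10, tzinfo=timezone.utc)
```

Because the signature is computed centrally, IT staff can push a new configuration remotely and the endpoint accepts it only if it verifies.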