connectivity matters
BreadCrumb Security December 10, 2019  |  Written by

BreadCrumb® Security Assures the Safety and Integrity of Your Information

Rajant BreadCrumbs® offer many levels of encryption for your mesh network. From Access Control List (ACL) to MAC authentication, this article will cover the levels of encryption offered and how they protect your data.

Your initial line of defense is your network key. This setting is used for BreadCrumbs to authenticate with each other to send information between them. No connections can be made between BreadCrumbs without matching network keys. Once the network keys match, you can now begin to mesh between two points and pass data. Once packets are in the air, some standard crypto settings can be used to protect your information.

The first of these settings is packet cipher. Packet cipher is used to protect your information from eavesdropping. Eavesdropping is someone listening for a packet’s basic information. If a data packet is pulled down, your information will be encrypted on the level selected. Rajant offers varying levels of this setting from X-Salsa basic encryption to suite B military-grade encryption.

The next setting in our standard encryption methods is MAC address cipher. Similar to packet cipher, this setting protects listening devices to understand MAC addresses. This is used to prevent harmful devices from analyzing traffic patterns. Rajant offers levels of encryption on this setting from X-Salsa to suite B military-grade encryption.

The last setting in our standard encryption methods is a per-hop authentication algorithm. This setting is used to prevent packet injection and MAC spoofing into a Rajant mesh network, authenticating every packet on every hop for secured end-to-end protection. Rajant offers HMAC-SHA to Suite B military-grade encryption.

Rajant’s high-level security also extends to mesh endpoints. The ability to turn off unused Ethernet ports is a highly recommended and standard operating procedure when securing your mesh from end to end. Rajant also offers varying levels of security on access point connections—WEP, WPA, WPA2 personal, mixed, and enterprise—and supports authentication via a radius server for BreadCrumb login.

While BreadCrumbs work hard to protect your packets end to end, they also must be protected from people accessing them directly. Rajant BreadCrumbs come with the ability to set passwords for access via BC|Commander, using three levels of login with varying abilities, Crypto Officer, Admin, and View. Each of these passwords are used to protect your BreadCrumbs from being accessed, and without the password, there is no other way to log in.

Rajant BreadCrumbs also support Access Control List or ACL. BreadCrumbs can be set up to whitelist or blacklist based on MAC address. Whitelisting is only allowing information to pass with the MAC address input into the table. Blacklisting is preventing only the MAC addresses listed in the table. These ACL lists keep unwanted MAC addresses from sending or receiving information from your Kinetic Mesh®.

Reliable and secure communications are the backbone of the Rajant moto. 🖉

Tags: , , , , , ,