Traffic Squeezer - Dynamic Network Data Encryption
Traffic Squeezer is already a high-end core dynamic packet processing engine in its custom kernel source. With the same existing platform, soon after performing data-optimization, further the data can be compressed too if needed with any data encryption algorithms. To achieve data encryption, TS may use any third-party open-source standard encryption algorithm libraries.
The traffic encryption may be supported in TS itself since if there is any obvious clear-text traffic getting optimized in the TS core soon after that the compression is done, the same can be quickly encrypted too. This will optimize the overall through-put and computational latency of the same required desired output if done using two separate boxes say one does WAN Optimization alone and other does Traffic Encryption alone. Hence this feature is also bundled with the TS. The data encryption feature is optional so that users can enable or disable the same based on the requirement. Also they can pick desired encryption algorithm and a specific level of security on the traffic they need to implement.
Interestingly the fact is that TS would have the best of best options when it comes to data-encryption. The idea is that encryption in TS would be so much flexible and scalable solution and even a complex key sharing mechanism across the devices would have many choices to the users. Still if any of the algorithms TS uses gets outdated or say even if it gets hacked by hackers, still within no time the user can switch-in into a complete different encryption strategy and a complete different key sharing mechanism. Hence, TS would be offering encryption services of what really WAN demands.
If data is transmitted through Internet based VPN Channel, then these encryption mechanisms can be disabled in TS, since encryption is already supported in VPN tunnels.
Also TS would be much expected to be smarter that when encryption done on the WAN Traffic, we can set any rules to ignore what traffic types to encrypt and what not to encrypt. In case if the users use SSH sessions, SSL, HTTPS or SCP or SFTP across WAN links then there is no need to compress this pre-encrypted traffic, hence TS would not compress any pre-compressed traffic types and can be enabled or disabled with a touch of a command or a setting in its web-interface.
Also there would be an excellent plugable/add-on options, even if a specific security mechanism gets outdated the same can be disabled even during building the TS machine, which reduces the runtime or even static disk/RAM memory foot-print.
The dynamic network data encryption feature in TS is yet to be supported in the current on-going TS source-code. Once supported the configuration options and details would be specified in the TS User Documentation.
