Cryptographic Gateway

A cryptographic gateway (crypto gateway) is a software or combined hardware and software system that is built on VPN (Virtual Private Network) technology and transparently encrypts network traffic between sites that are remote from each other.

Cryptographic gateways are needed when the integrity and confidentiality of data must be ensured while it is sent over unsecured or unverified communication channels.
A VPN can be organized on either the “network-to-network” or the “network-to-remote-user” principle. With the network-to-network principle, a cryptographic gateway must be installed on both sides of the communication channel, and the traffic between them is encrypted. With the network-to-remote-user principle, a software or hardware cryptographic gateway is installed on the server side, and the user only needs to install a software client.


Access to secure network resources

The access server (the cryptographic gateway software) identifies and authenticates users and connects them to the required network nodes. The secure channels created in this way form VPN networks.
Such a network is run by specialized software (a control center), which manages local client security policies, sends configuration data to all users, and maintains system logs.

Functional features

The basic functions of cryptographic gateways are as follows:

  • protecting the confidentiality and integrity of transmitted IP packets;
  • authentication of remote nodes and users;
  • hiding the topology of the internal network by encapsulating traffic in an encrypted data channel.

Cryptographic gateways often also act as firewalls. However, they are not always as flexible and customizable; that is, they cannot always match the functionality of a full-fledged firewall.

Differences and features of cryptographic gateways

To date, many technologies and network layouts have been developed for organizing secure data transmission over a network. The most common layouts are Hub-and-Spoke, in which each communication channel is connected to the center, and Full Mesh, in which all channels are connected to each other. Individual developers can implement VPN technologies in their own way.

By the protocols they use, VPN cryptographic gateways can be divided into those based on:

  • proprietary (privately developed) protocols that are incompatible with any other solutions;
  • IPsec/IKE class protocols (IP Security and Internet Key Exchange);
  • SSL/TLS class protocols (Secure Sockets Layer and Transport Layer Security).

Usage Scenarios

Cryptographic gateways can be used in the following cases:

  • To protect personal data on the network of a particular enterprise.
  • To protect confidential information in accordance with the current legislation of the Russian Federation, for example where access is maintained to professional or commercial secrets, data about insured persons, etc.
  • To protect data stored in the networks of executive authorities.
  • To prevent unauthorized interception of any information (for example, about the commercial orders of various organizations and the services they provide, where government activities are concerned).
  • To protect data owned by any government agencies or enterprises working with government orders.