The only thing harder than planning for a security breach
is explaining why you did not.

Why secure your wireless transport network?

An unsecured network can result in:

  • Lost data (your customer’s and/or your organization’s)
  • Network downtime
  • Impacts to critical infrastructure (failure or downtime)

Secure Management

protects backhaul networks from unauthorized internal and external access and control risks and threats.

How / What:

  • Highly customizable individual user account privileges
    TLS v1.2 secure tunneling supported by craft interface tools, such as Aviat’s Portal
    SNMP v3 compatible NMS terminals, such as Aviat’s ProVision

Secure Authentication

(RADIUS/TACACS+) simplifies the management of large networks. Reduces errors.Automated processing.

How / What:

  • RADIUS is a networking protocol providing access to centralized Authentication, Authorization, and Accounting (AAA) management
    RADIUS protocol allows the radio to interface with a centralized AAA server (sometimes called a “RADIUS server”)

AAA servers are typically used to:

  1. Authenticate users or devices before granting them access to a network
  2. Authorize those users or devices for certain network services and
  3. Account for usage of those services

Payload Encryption

Prevents any interception of your traffic by unauthorized third parties who may be trying to “listen in” to your network with monitoring, or “sniffing,” equipment.

How / What:

  • Aviat’s Payload Encryption feature enables very robust payload security for data and management traffic.
  • It supports AES-128, AES-192 and AES-256 symmetric keys and using the industry-standard Diffie-Hellman Key agreement method with modulo of at least 2048 bits.

Did you know!

Eclipse Payload Encryption combination will be not be repeated on average for more than 800 years

Eclipse security is:

  • FIPS 140-2 Level 2 validated – Support for secure management over unsecured networks through use of secure protocols (FIPS approved algorithm: HMAC, SHS, RSA, DRBG, AES, Triple-DES, CVL; Other algorithms: RSA, MD5, DES) based on FIPS 140-2 validated algorithms.
    • Eclipse cryptographic module (multi-chip standalone) meets the overall requirements applicable to Level 2 security of FIPS 140-2. Additionally,
      • Cryptographic module specification at level 3
      • Design assurance at level 3
    • Confirmation is available at, (Certificate #2869, March 2017)
  • FIP-197 certified (NIST validated) 128-bit or 256-bit AES encryption for payload encryption (e.g. AES-128, AES-256, 3DES, DES) of communications and OAM traffic.
  • RADIUS capability and centralized AAA domain server support for user authentication to track all authorized and unauthorized user activity and points of entry
  • Four categories of access privileges to create any type of highly customized user profiles that are most appropriate for your network
  • Capability to disable all unsecured physical ports for each radio link to prevent unauthorized connections and system break-ins
  • Extensive track record with US federal agencies, departments and authorities
  • NTIA (SPS/IRAC) certifications
  • DoD JF-12 certification

Comprehensive Embedded Security in Microwave Networks White paper: Comprehensive Embedded Security in Microwave Networks
This paper talks about what's required for a high level of security for both microwave payload and management traffic.

Strong Security on Eclipse Packet Node Overview: Strong Security on Eclipse Packet Node
Even though microwave communications have some built-in security-like features such as scrambling, narrow beamwidth, proprietary airframe, coding and other factors, it is not very hard for them to be broken by those with the proper expertise. Some vendors even openly offer commercial microwave interception systems for “legitimate” monitoring. This and the growing sophistication and willingness of those attempting to break into wireless networks makes a high level of security for microwave more important than ever...

FIPS 140-2 Presentation: FIPS 140-2
This presentation explains the Federal Information Processsing Standard (FIPS) 140- 2. What is it and why should you care?

FIPS A Security Primer for a Wild Wireless World Technical paper: FIPS A Security Primer for a Wild Wireless World
A technical note on FIPS Security - What is it and why is it important?

Secure and Reliable Microwave Solutions Specialist Flyer: Secure and Reliable Microwave Solutions Specialist
With over 50 years of industry experience, Aviat Networks knows microwave transmission better than anyone, and now we are delivering the next generation of Mission Critical microwave networking solutions that bring together high performance radio transmission, advanced data networking and smart network evolution to all-IP.

What NERC/CIP Means for Your Microwave White paper: What NERC/CIP Means for Your Microwave
Cyber Security and Electric Utility Communications

How to secure your wireless transport network?

  1. Secure the management
  1. Secure the data
    • Aviat Secure Payload
    • Eclipse FIPS 197 Validated
  2. Simplify the administration
    • Aviat Radius Server
White paper

What is FIPS? And why should you care?

  Mark Minnoch from InfoGard talks about FIPS 140: what it is, who needs it, the process, the different security levels and how it makes networks more secure.

Or, download the documents below to find out more

Technical Note Presentation

Did you know

Aviat’s radios are FIPS 140-2 validated, ensuring the highest possible level of security for your network.

Aviat’s radios have also received UC APL certification for security and interoperability for US Department of Defense and other organizations.

Subscribe to our newsletter