Brown’s Mainsdata solution

Mainsdata security overlay

The Mainsdata security overlay hardens the security of your branch data network.  It uses state-of-the-art, standards-based techniques to protect the personal data of your customers from inspection and undetected alteration as the data travels from branch to datacentre.  Mainsdata routers in each branch communicate with Mainsdata servers in your datacentre via virtual private networks, or VPNs.

The branch routers check that they connect only to the correct datacentre and the datacentre servers check that only authorised branches connect.

The Mainsdata routers provide a firewall in every branch and allow only traffic from the VPN to enter the branch.  The routers also ensure that all traffic leaving the branch goes via the VPN and watch out for people connecting private devices in the branch.

Mainsdata is an integrated system - not just a collection of components.  It incorporates a rich set of monitoring, management and diagnostic features.

The Mainsdata security overlay will help you to avoid penalties for non-compliance with the PCI Data Security Standard.  

You could save 60% with Mainsdata

Brown’s Mainsdata network for the retail sector

Mainsdata is the answer to how to save money on branch network costs while at the same time improving security, speed and reliability.

Companies and organisations that switch their branch network supply to Mainsdata can save considerable sums of money.  Their network access speeds will increase, and the reliability and resilience of their links will improve.  The Mainsdata solution offers 7 days-a-week management of the network service, direct phone access to an engineer in case of problems and the benefit of individual consultancy, ordering, installation and setup.  It also includes legacy SNA and X.25 interoperability.  We partner with tier-1 providers to deliver this service.

So, what is stopping you from switching?

Retail branches are usually sited in centres of population.   They use mains electricity, mains gas, mains water, mains drainage and regular telephone lines.   Historically, the public services were thought too slow for data and so private networks have been used at significant cost.

Access to the centre via the Internet is now much faster than via traditional private networks and the time has come to exploit this for branch connectivity.   Thousands of businesses are operating via the Internet and all the large retail companies rely on the Internet at their centre to communicate with millions of customers both large and small.

Brown’s Mainsdata routers in each branch are the key to facilitating the move away from private circuits to confidently using the Internet via a combination of broadband (ADSL), fibre (cable modem access) and UMTS (3G) for mainline and backup services.   It is the Mainsdata routers that provide the network security and the management of the access to the network.  The connections between the branches and the datacentre are secured regardless of the underlying physical network.

Any retail company with 10 or more branches would benefit from using this approach.   For those with an existing private network the payback time is well under a year.

Mainsdata security - the technical data

All data between branch and datacentre is carried via secure virtual private networks - or VPNs.  This provides end-to-end security.

The VPNs are established between a Mainsdata router in each branch and a Mainsdata server in the enterprise datacentre.  The security protocol used is TLS 1.2 (RFC 5246).

The two endpoints of each VPN are authenticated using X.509 certificates with 2048-bit public and private keys.

Data is encrypted using the AES algorithm with 256-bit keys.  This process ensures the confidentiality of the data.  [PCI-DSS requirement 4]

A 256-bit hash using the SHA2 algorithm is applied to each transmitted block and is checked by the recipient.  This prevents undetected tampering with the data and so ensures its integrity.
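As an added illustration (not Brown's own code or configuration), the following Python sketch builds a server-side TLS context with the parameters stated above and audits any context against them. The function names, the suite string and the optional file arguments are assumptions made for this example.

```python
import ssl

# Suites matching the stated parameters: AES-256 with an HMAC-SHA256 record MAC.
# (Current deployments would normally prefer AEAD/GCM suites with ECDHE.)
SUITES = "DHE-RSA-AES256-SHA256:AES256-SHA256"


def build_datacentre_context(certfile=None, keyfile=None, branch_ca=None):
    """Server-side context: TLS 1.2 only, branch certificate mandatory."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED      # reject branches without a certificate
    ctx.set_ciphers(SUITES)
    if certfile:                             # hypothetical paths supplied by the deployer
        ctx.load_cert_chain(certfile, keyfile)
    if branch_ca:                            # CA that issued the branch certificates
        ctx.load_verify_locations(cafile=branch_ca)
    return ctx


def audit_context(ctx):
    """Return a list of deviations from the stated VPN parameters."""
    problems = []
    if (ctx.minimum_version != ssl.TLSVersion.TLSv1_2
            or ctx.maximum_version != ssl.TLSVersion.TLSv1_2):
        problems.append("protocol not pinned to TLS 1.2")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        problems.append("peer certificate not required")
    for suite in ctx.get_ciphers():
        if suite["protocol"] == "TLSv1.3":
            continue  # listed by OpenSSL, governed by the version check above
        if suite["strength_bits"] < 256 or not suite["name"].endswith("SHA256"):
            problems.append("suite outside policy: " + suite["name"])
    return problems


if __name__ == "__main__":
    print(audit_context(build_datacentre_context()) or "context matches the stated parameters")
```
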

The endpoints of the network discard all data originating from outside the VPN, so attempted intrusions from other sources will be prevented.  [PCI-DSS requirement 1]

Devices attached to the Mainsdata router must have their MACs authorised before being allowed to participate in data exchange.  This will inhibit the connection of rogue devices to the LANs in the remote locations.  [PCI-DSS requirement 10]

A RADIUS-based utility, DNRACS, is used to verify remote locations against stored security credentials and to log VPN connections.

A comprehensive management and monitoring facility, DNManager, is used to:
* report on the status of the network
* alert operators to attempted security breaches
* keep the security credentials of acceptable locations up to date
* authorise the MACs of devices in the branches
* remotely update the firmware of Mainsdata routers
* assist in the diagnosis of problems

PCI-DSS refers to the Payment Card Industry Data Security Standard version 1.2

Registered Office:- Melbury House, 34 Southborough Road, Bromley, Kent, BR1 2EB, United Kingdom
Registered in England No.  1383993 VAT no.  GB 324 0337 00