An AES in the Hole
Government vendors gain advantage with fully compliant solutions
- By Daryl Miller
- May 01, 2009
It's no secret that government facilities must have airtight security systems and
protocols in place for protecting communications. In fact, that's one thing every
official, company and government body can agree on. With a new administration
in place and an increased focus on all levels of security, especially cyber security, it is
vital that all government agencies have policies and technology in place to safeguard
against unwanted attacks.
The challenge is finding vendors with the ability to provide tight data security
that meets all security and encryption standards set forth by the government. This is
especially true when short compliance deadlines and quick time-to-market conditions
are required. However, if vendors can find a way to meet all requirements and provide
fully compliant security solutions, they automatically have a competitive advantage.
Wanted: Lockdown Data Security
Honeywell International, a global public company based in New Jersey, understood the
urgency and quickly set out to find a way to incorporate all new government security
standards for encryption, including advanced encryption. The company provides solutions
that support regulatory compliance, improve profitability and maintain safe environments
in homes, buildings and industry. To keep a majority of the company's business
and help customers meet critical deadlines, Honeywell needed a fast, efficient and
cost-effective way of addressing the AES for government installation.
In June 2003, the government adopted the AES encryption standard, which was
announced by the National Institute of Standards and Technology in 2001. It is based
on FIPS-197. Today, AES is one of the most popular algorithms used in symmetric key
cryptography. Honeywell understood the need to quickly obtain the level of secure
connectivity needed for its customers. Knowing the parameters of the company's limited
expertise in the subject matter and personal capabilities, they immediately turned
to Lantronix for help.
Instant Implementation, Data Security
Lantronix has developed secure device servers and networking equipment for
decades, working with customers to ensure their needs and standards are met. The
company's SecureBox SDS product was the first device server certified by NIST to
meet FIPS-197 standards for ensuring secure data communication at AES levels.
Having worked with Lantronix in the past, Honeywell was confident that together,
they could quickly find a solution that met Honeywell's needs, while limiting
engineering changes for Lantronix.
"For more than three decades, Honeywell has been a leading provider of advanced
security systems for government applications," said Greg Turner, director of global
offer management at Honeywell International. "Therefore, it was critical that we
find a cost-effective way to address the new AES-certification requirement for our
customers. Based on our past experience with Lantronix, we had confidence the
SecureBox device servers were the solution that could enable us to quickly meet
Securebox device servers provided a complete end-to-end solution for ensuring that
the information within these devices could be securely accessed and transmitted over
a network or the Internet. The single- and dual-port external device servers incorporated
Lantronix' proven hardware, firmware and software utilities, making it a perfect fit.
The SecureBox SDS1100 was incorporated directly into the Honeywell enterprise
buildings integrator architecture. The solution enabled Honeywell's remote security and
access control devices to provide network communications with advanced encryption,
without replacing existing controllers. By incorporating Lantronix' SecureBox directly
into the system architecture, Honeywell greatly enhanced the level of secure data
communications between networked devices at facilities.
Reduced Time to Market
"Working with our customers to hit clearly-defined objectives is a core strength
of Lantronix," said Jerry Chase, CEO of Lantronix. "We knew from the start that
Honeywell needed a highly-secure solution quickly. Thanks to our newly-certified
SecureBox product, we were able to deliver exactly what the customer needed in a
Honeywell obtained the required level of secure connectivity within days. The ease
of implementation allowed the company to quickly bring its Security Manager
(a component of EBI) to market. Using the SecureBox SDS1100, Honeywell
decreased its time-to-market and increased its competitive advantage. The company
also retained its current customer base, while offering a leading-edge solution for other
government agencies looking to comply with the AES standard.
"By incorporating the SecureBox SDS1100 directly into our new products, we were
able to accelerate the launch of our AES-certified Honeywell Enterprise Buildings
Integrator to meet critical government compliance deadlines for our clients," Turner said.
Working with government agencies requires flexibility and the ability to commit to
rigid deadlines. Companies able to deliver under these restraints
benefit greatly in today's volatile business environment.
Lantronix' solutions allowed Honeywell to honor a time-sensitive
commitment and product specification for a very important
This article originally appeared in the May 2009 issue of Security Today.