Products
By Outside the Stacks, Inc
The QED Migration Proxies are positioned as a versatile and robust solution tailored to address a broad range of networking challenges associated with the transition from IPv4 to IPv6, and the adoption of modern security standards such as TLS 1.3 and post-quantum cryptography.
The proxies are:
- QED TLS Migration Proxy
- QED IPv6 Migration Proxy
- QED TLS Migration Reverse Proxy
- QED IPv6 Migration Reverse Proxy
Sandbox Scenarios
1. Clients with old versions of TLS (MPFv4): The comprehensive TLS proxy functionality of the QED proxies ensure that even clients using outdated TLS versions can be accommodated. By acting as a middleman that can interpret and upgrade the security of communications, it allows for secure data transmission using the latest TLS standards, thereby protecting against potential security vulnerabilities.
2. IPv4 clients need to access IPv6 sites (MPFv6): This is addressed by the IPv4 to IPv6 network compatibility feature of the MPFv6 proxy. The proxy facilitates smooth communication between IPv4-only clients and IPv6-only networks, ensuring that the transition between protocols is seamless and transparent to the end-user.
3. Old servers with hard to migrate versions of TLS (MPRv4): Similar to scenario 1, but from a server perspective. The proxy’s TLS capabilities ensure that servers using outdated TLS versions can still maintain secure communications with clients using modern TLS standards. This ensures the integrity and confidentiality of data in transit.
4. Old servers which are hard to migrate to IPv6 (MPRv6): The proxy’s ability to facilitate communication between IPv4-only and IPv6-only networks ensures that servers that have not transitioned to IPv6 can still communicate with IPv6 networks, thereby extending the operational lifespan of legacy systems.
5. IPv4 network wanting to support IPv6 IoT network (MPRv6): This scenario is akin to scenario 4, emphasizing the importance of the proxy’s role in enabling IPv4 networks to connect with IPv6 networks. This is particularly relevant for IoT devices, many of which may operate exclusively on IPv6 due to its larger address space and improved security features.
6. Clients want to use TLS1.3 but want to retain network visibility (MPFv4 or MPFv6): The QED proxies support the latest TLS standards, including TLS 1.3. It can thus facilitate secure connections using TLS 1.3 while also providing mechanisms to ensure that network administrators retain visibility into network traffic for monitoring and security purposes.
7. Servers want to use TLS1.3 but want to retain network visibility (MPRv4 or MPRv6): Similar to scenario 6, but focusing on server-side requirements. The proxy ensures that servers can adopt TLS 1.3 without sacrificing the ability of network administrators to monitor and manage traffic, thereby balancing security with operational requirements.
8. Clients/servers want to use post-quantum crypto suites (MPFv4 or MPFv6 / MPRv4 or MPRv6 – experimental until NIST / patent dispute resolved): The QED proxy’s forward-looking architecture allows for the experimental adoption of post-quantum cryptography suites. While this feature remains experimental pending resolution of NIST standards and any patent disputes, the proxy’s design anticipates future cryptographic standards, ensuring that it remains a viable and secure solution as these technologies mature.