Overview

This section tracks post-quantum cryptography adoption across networking infrastructure: which vendors have shipped PQC-capable products, which algorithms and protocol layers are supported, and what the realistic deployment landscape looks like as of 2026.

The networking layer is particularly critical for PQC migration because it protects in-transit data across enterprise WANs, VPNs, and internet-facing services — the most direct exposure point for the harvest-now-decrypt-later (HNDL) threat. Migration here requires coordination between standards (IKEv2/IPsec RFCs, TLS extensions), hardware capability (some PQC algorithms require crypto accelerator support for line-rate performance), and interoperability between vendor implementations.

Research status: Phase 1 — initial vendor surveys in progress. Entries for Sitehop and Juniper are established; additional vendors under research.

Key Themes

  • IKEv2/IPsec (RFC 9242/9370) is the primary integration point for enterprise networking equipment
  • Most major vendors have PQC on their 2025–2027 roadmaps; production-ready FIPS-validated implementations are limited as of April 2026
  • NSA CNSA 2.0 mandates create a hard deadline for US government network infrastructure by 2030
  • Interoperability between vendor implementations remains an unsolved operational challenge
  • Dedicated PQC networking vendors (Sitehop) offer purpose-built approaches distinct from incumbents’ PQC-added-to-existing-platforms

Vendors

Dedicated PQC Vendors

Company HQ Stage Focus
Sitehop Bristol, UK Private (Series A stage) Hardware-accelerated PQC networking; FPGA-based PQC IPsec appliances; focus on line-rate PQC without CPU overhead penalty. See entry.

Established Networking Vendors

Company PQC Status Primary Layer Notes
Juniper Networks In progress IKEv2/IPsec Junos PQC support roadmap; see entry.
Cisco Systems Roadmap announced IKEv2/IPsec, TLS IOS XE and NX-OS PQC plans; see other-vendors entry.
Palo Alto Networks Roadmap announced TLS, IPsec PAN-OS PQC trajectory; see other-vendors entry.
Fortinet Roadmap announced IKEv2/IPsec FortiOS PQC plans; see other-vendors entry.
Check Point Early IKEv2/IPsec Early PQC exploration; see other-vendors entry.

Entries

  • Juniper Networks — PQC Support — Post-quantum cryptography implementation status and roadmap for Juniper Networks (acquired by HPE 2024): Junos OS PQC support, IKEv2 integration, and product coverage.
  • Networking PQC — Other Vendors — Survey of post-quantum cryptography support and roadmaps across major networking vendors beyond Sitehop and Juniper: Cisco, Palo Alto Networks, Fortinet, Check Point, Nokia, and others.
  • Sitehop — UK startup building hardware-accelerated post-quantum cryptography networking appliances; FPGA-based PQC IPsec at line rate; spin-out from University of Bristol.