Articles
HARDWARE-SOFTWARE IP ENCRYPTION DEVICE FOR PROCESSING INFORMATION OF LIMITED DISRIBUTION "REKA"
The hadware-software complex of IP-encryption "Reka" (IP-encryptor) is designed for cryptographic protection of information exchange between local networks and/or individual workstations communicating over IP through data transmission networks.
IP-Encryptor provides for:
- connection on joints of Ethernet standard IEEE 802.3 (100 Mbit/s) to the protected LAN and network equipment of the transport network over copper or fiber cables;
- cryptographic protection of IP-packets by complete encapsulation;
- automatic transparent encryption/decryption of information with a given stability by the encryption algorithm GOST 28147-89 or STB 34.101.31-2011, with the ability to change the algorithm (AES256);
- continuity testing of the data packets - protection against falsified data entry protection in accordance with GOST 28147-89 or STB 34.101.31-2011, with the ability to change the algorithm (HMAC);
- key generation i for networking using the random number generator based on physical noise source;
- simultaneous operation in the network of almost 1000 units (providing simultaneous operation of up to 1000 virtual channels);
- keeping of the autonomous audit log;
- twenty-four-hour out-of-service operation;
- monitoring of the operation of the product on PC connected to the ports of the product.
Power supply of the IP-encryptor is made from the AC with voltage (100-260) V, frequency (0-60) Hz (optionally mounting of the power unit from DC mains with voltage from 20 to 72 V with any grounded positive).
Access to the control functions of the IP-encryptor is implemented using password protection.
Case of the unit of IP-encryptor is designed for installation in a standard 19" rack of equipment 1U.
Control and indication devices, key input interface are located on the front panel of the case of The IP-encryptor.
On the back panel of the case there are local and global network connection interfaces, and interface of external remote signaling device (rack-mountable signaling system).
Case of the unit of the product has a lide with a sealing device to restrict access to the connection interface of key information carrier.
TYPICAL APPLICATION SCHEME OF IP-ENCRYPTOR