HARDWARE-SOFTWARE IP ENCRYPTION DEVICE FOR PROCESSING INFORMATION OF LIMITED DISRIBUTION "REKA"
HARDWARE-SOFTWARE IP ENCRYPTION DEVICE
FOR PROCESSING INFORMATION OF LIMITED DISRIBUTION "REKA"
It is intended for cryptographic protection of information exchange between local networks or/and separate stations interacting under IP through data networks.
- connection on joints of Ethernet of the IEEE 802.3 (10/100 Mbit\s) to protected LAN and to a network equipment of a transport network on copper or optical cables;
- cryptographic protection of IP packets by method of complete encapsulation; (protocol IPsec Encapsulating Security Payload);
- the transparent automatic encryption/decryption of information on the encryption algorithm: GOST 28147-89, STB 34.101.31-2011, AES256;
- aggregated encryption speed of 200 Mbps;
- integrity control of data packets – protection against falsified data entry protection in accordance with GOST 28147-89, STB 34.101.31-2011, SHA256;
- key system – a fully-connected key matrix with individual keys on each direction of exchange;
- generation and recording of keys for networking using a random number sensor (based on a physical noise source) on AT88SC25616C type contact cards or CD;
- checking the integrity of the cryptomodule software using the STB 34.101.31-2011 algorithm (with the possibility of replacing the algorithm);
- simultaneous network operation up to 1000 IP encoders (ensuring simultaneous operation of up to 1000 virtual channels);
- work through NAT;
- monitoring the operation of the IP encoder on the PC connected to the control port of the IP encoder;
- protection against unauthorized access when opening the case;
- offline audit logging;
- round-the-clock unattended work.
- temperature range from + 5 to + 40 ºС at relative humidity of 80% at 25 ºС;
- power supply from the AC mains voltage from 90 to 260 V, frequency from 47 to 63 Hz;
- power consumption no more than 15 W.
Operational features – a static IP address is required from the address space of the data network of the Internet provider.
- IP encryptor unit with U1 overall dimensions according to IEC 60297 3 101-2004;
- software bundle (supplied on CD);
- a set of contact smart cards such as AT88SC25616C;
- operational documentation (supplied on a CD);
- a set of spare parts and accessories;
- a set of mounting parts for installation in a 19"rack;
IP ENCRYPTOR TYPICAL APPLICATION SCHEME
Certificate of Conformity № BY/112 02.01.036 00126