Articles
HARDWARE-SOFTWARE IP ENCRYPTION DEVICE FOR PROCESSING INFORMATION OF LIMITED DISRIBUTION "REKA"
HARDWARE-SOFTWARE IP ENCRYPTION DEVICE
FOR PROCESSING INFORMATION OF LIMITED DISRIBUTION "REKA"
DEVICE PURPOSE
It is intended for cryptographic protection of information exchange between local networks or/and separate stations interacting under IP through data networks.
PROVIDES
- connection on joints of Ethernet of the IEEE 802.3 (10/100 Mbit\s) to protected LAN and to a network equipment of a transport network on copper or optical cables;
- cryptographic protection of IP packets by method of complete encapsulation; (protocol IPsec Encapsulating Security Payload);
- the transparent automatic encryption/decryption of information on the encryption algorithm: GOST 28147-89, STB 34.101.31-2011, AES256;
- aggregated encryption speed of 200 Mbps;
- integrity control of data packets – protection against falsified data entry protection in accordance with GOST 28147-89, STB 34.101.31-2011, SHA256;
- key system – a fully-connected key matrix with individual keys on each direction of exchange;
- generation and recording of keys for networking using a random number sensor (based on a physical noise source) on AT88SC25616C type contact cards or CD;
- checking the integrity of the cryptomodule software using the STB 34.101.31-2011 algorithm (with the possibility of replacing the algorithm);
- simultaneous network operation up to 1000 IP encoders (ensuring simultaneous operation of up to 1000 virtual channels);
- work through NAT;
- monitoring the operation of the IP encoder on the PC connected to the control port of the IP encoder;
- protection against unauthorized access when opening the case;
- offline audit logging;
- round-the-clock unattended work.
Access to the control functions of the IP encryptor is implemented using password protection.
The block body of the IP encryptor unit is designed to be installed on a standard 19” rack of 1U equipment (a set of installation parts is included in delivery).
On the front panel of the IP encryptor are controls and display, key input interface.
On the rear panel of the case there are 2 (two) interfaces for connecting a local network, a global network and an interface of an external remote warning device (rack-mount alarm).
The body of the product has a lid with a sealing device to limit the interface access for connecting the key information carrier.
OPERATIONAL CONDITIONS
- temperature range from + 5 to + 40 ºС at relative humidity of 80% at 25 ºС;
- power supply from the AC mains voltage from 90 to 260 V, frequency from 47 to 63 Hz;
- power consumption no more than 15 W.
Operational features – a static IP address is required from the address space of the data network of the Internet provider.
PACKAGE CONTENTS
- IP encryptor unit with U1 overall dimensions according to IEC 60297 3 101-2004;
- software bundle (supplied on CD);
- a set of contact smart cards such as AT88SC25616C;
- operational documentation (supplied on a CD);
- a set of spare parts and accessories;
- a set of mounting parts for installation in a 19"rack;
- packaging.
IP ENCRYPTOR TYPICAL APPLICATION SCHEME
Certificate of Conformity № BY/112 02.01.036 00126