HC-8546: Universal Multi-Protocol Encryption

Crypto AG

Category: Encryption | 02/02/2011 - 04:33:29

HC-8546 for Synchronous Digital Hierarchy

Today, Synchronous Optical Network / Synchronous Digital Hierarchy (SONET / SDH) networks provide vast bandwidths of up to 10 Gbit/s for the large-scale integration of IT infrastructures. They are used for all sorts of critical communication services (data, voice and video). Many organisations use them to transmit a mixture of different network and storage protocols between two sites. The vast range of services and applications available makes it important to ensure that the transported information is protected against any attacks. The HC-8546 for Synchronous Digital Hierarchy Networks is the universal solution to fulfil all the respective requirements: It offers the possibility to combine different input protocols (Gigabit Ethernet, Fibre Channel, FICON) at speeds of up to 10 Gbit/s and encrypts all transported applications with secret, high-security algorithms bevor sending them over Synchronous Digital Hierarchy networks.

HC-8546 for Synchronous Digital Hierarchy

  • Flexible and cost-efficient hardware-based data encryption up to 10 Gbit/s using secret, customer-specific algorithm
  • Transmission of up to ten different signals via CWDM, DWDM, Dark Fibre or Synchronous Digital Hierarchy networks
  • Support of Gigabit Ethernet, 1/2/4 Gbit/s Fibre Channel and 1/2 Gbps FICON
  • User-friendly computer-based centralised Security Management Centre
  • Transparent for all applications and services
  • Easy network integration and minimal maintenance
  • 100% encryption performance and minimal latency < 1μs

The HC-8546 for Synchronous Digital Hierarchy Networks consists of a modular system based on two powerful building blocks: A TDM module ("muxponder") which provides signal aggregation of all major broadband protocols, and the hardware encryption unit for the encryption of the aggregated signals. This system provides unlimited encryption without loss of performance, in full duplex operation for all applications using Synchronous Optical Network / Synchronous Digital Hierarchy high-speed infrastructures. Thanks to interchangeable optical transceivers, you can configure it for all standard wavelengths, distances and fibre types. Encryption takes place in a separate tamper-proof security module with symmetric, customer-specific algorithms profiled by your Security Manager. This prevents attacks, both by cryptographic and mechanical means. Centralised offline and online security management with a user-friendly, computer-based Security Management Centre offers easy setup and update of cryptographic parameters.

HC-8546 Multi-Protocol Encryption for Synchronous Optical Network / Synchronous Digital hierarchy (SONET / SDH) Networks

Housing

  • 19" rack mounting - 2 units high

User Interfaces

  • Keypad with 16 buttons
  • 2 lines x 16 characters LCD with backlight
  • Status LEDs at front of unit
  • Browser-based user interface
  • Built-in smart card reader for reading/writing
  • Key and setup data
  • Diagnostic user interface

Local / Link Interfaces

LC connector:

  • Optical transceivers XFP according to MSA (Multi Source Agreement)
  • Available for different distances up to 80 km and different wavelengths

Synchronous Optical Network / Synchronous Digital Hierarchy 9.953 Gbps

  • ITU-T G.691 SONET OC-192 / SDH STM-64

Management Interfaces

  • Local management (browser-based access) Ethernet 10BASE-T/100BASE-TX RJ-45
  • Remote management (SMC-1100, NMC, RAD-1100, time server) Ethernet 10BASE- T/100BASE-TX RJ-45
  • Alarm relay RJ-45 (active or non-active alarm indication)
  • Control interface (diagnostics) Serial RS-232 RJ-45

Management

  • Security Management Centre (SMC-1100) with in-band and out-of-band online management
  • Remote access via encrypted browser connection (RAD-1100)
  • Local management via keypad and display
  • Local management via browser-based user interface
  • Remote SW update SNMPv1 Standard MIB II

Test Facilities

  • Built-in test equipment (BITE)
  • Cipher loop test
  • Transparent mode
  • Diagnostics

Compliance

  • ITU-T

EMC

  • EN 55022 CI B/EN 55024

Safety

  • EN 60950-1/EN 60825-1

Power Supply

  • Redundant hot-pluggable PSUs (AC/AC) at front of unit
  • AC input 230 VAC nominal (100...240 VAC/50...60 Hz)
  • DC input 48V (± 25 %)
  • Maximum power consumption < 100 W

Cooling

  • Redundant hot-pluggable cooling with 6 fans

Dimensions

  • 444 x 350 x 88 mm W/D/H

Weight

  • 8.6 kg

Reliability

  • 99,999 %
  • MTBF: 50,000 hrs

Quality System

  • ISO 9001:2000

Conformity

  • CE (European conformity)

Cryptographic Data

Algorithm

  • Mutual key agreement scheme for generation of short-term communication keys
  • Customer-managed profiling of algorithm with variety > 10506
  • Customer-specific cipher algorithm HCA-820
  • Built-in high quality true random generator

Keys

  • Customer-defined master communication keys stored in tamper-proof security module
  • Master communication keys and communication keys with variety > 1038

Key Management

  • Manual key input via user interface
  • Online with SMC-1100
  • Copy/backup of key and installation data with Security Data Carriers Offline with SMC-1100 and Security Data Carriers
  • Online inter-unit management

Access Protection

  • Tamper-proof design
  • Password protection with user names
  • Block/unblock function
  • Emergency clear

Environmental Data

  • Operating temperature: 0 °C...+50 °C
  • Storage temperature: -25 °C...+70 °C
  • Humidity: 5 %...95 %, non-condensing

Accessories / Options

  • Security Management Centre SMC-1100 Broadband
  • Remote Access Device RAD-1100
  • Security Data Carriers
  • DC Power Supply

General Data TDM Module

Protocols

  • Gigabit Ethernet
  • Fibre Channel 1/2/4 Gbit/s
  • FICON 1/2 Gbit/s
  • 10Gbps max. bandwidth (STM-64/OC-192)
  • Latency < 40μs

Client Interface

  • SFP module: 850/1310 nm single mode and multi-mode
  • Supports all common connector types
  • aser class 1

Hardware

  • 19" rack-mounting - 1 unit high
  • Power supply -36 V DC to -72 V DC or 120/230 V AC