Gnom-E
IP NETWORK ENCRYPTOR WITH INTEGRATED ETHERNET SWITCH
Gnom-E, B271-Е(РЕ), is IP Inline Network encryptor (INE).
B271-Е(РЕ) protects at the midrange security levels in accordance with Government and Military requirements.
B271-Е(РЕ) is specifically designed to support IP/Ethernet operating over standard commercial networks (Internet, IP MPLS etc) and provides inline encryption of IP protocol by cable, satellite, and cellular (3G, 4G) communication channels.
In-built controlled 4-port Ethernet switch enables to connect user equipment directly to encryptor.
B271-Е(РЕ) is applicable for stationary (B271-Е) and mobile (B271-РЕ) objects.
- Functionality
- func
End-to-end encrypting of IP-network traffic
Traffic encrypting is performed on local network perimeter. Cryptographic processing in online mode provides "transparent" operation of data processing network applications, IP-telephony, video conference communication.
Virtual channels of encrypted communication
During exchange of encrypted information, the virtual channels of communication means are created in accordance with the diagram given by complex administrator.
Link redundancy
For each communication direction some virtual channels can be defined with different routes, which provides automatic backup paths if an active link fails
Key Management
Key Management ensures centralized preparation and distribution of key data. В364-Е includes hardware random number generator (FIPS 140-2 compliance) which is used to create random cryptographic keys. The distribution is provided by methods of automatic online transmit through encrypted network and manual keys input.
Hardware crypto module
Cryptographic functions are performed by specialized chips with duplexing option which provides high transmitting capacity and encrypting reliability.
Channels loading balancer
Virtual channels can be combined in groups to balance the load and to increase the transmitting capacity of network nodes.
Equipment redundancy
The equipment can be duplicated for “hot” standby and the transmitting capacity trunking.
Monitoring and control
Monitoring and control of the equipment can be performed either locally or remotely via Centralized Management Software. CMS is available for PC Windows 2000, XP, 7 and enables to control operational modes of the equipment, change configuration parameters, view statistic information, logs of events in encrypted communication network. The protection against unauthorized access to equipment control is provided by two-factor authentication.
- Technical characteristics
- teh
Platform
RISC
Freescale Power QUICC II™
Operating System
RTOS
TritelOS™
Protocols
IP v.4
RFC 791, RFC 826, RFC 1042, RFC 1812
IP Multicast
RFC 3171
DHCP client
RFC 2131
HSRP
RFC 2281
VLAN
IEEE 802.1Q
COMSEC Characteristics
Encryption mode
packet, end-to-end
Cryptographic algorithm
DSTU GOST 28147:2009, hardware implementation
IP Throughput
up to 30 Mb/s
Interoperability
B371-Е(РЕ)
Communication schemes
Full mesh
Circular
Link oriented
Mixed
Management
Vt100 terminal, СMS
Physical Interfaces
1 port 100 Base-FX, ММ, RJ-45
Red Data Interface
4 port 100 Base-FX, ММ, RJ-45
Black Data Interface
RS-232, RJ-45
Control terminal
ISO-7816-2, 3
Key fill
Power
В271-Е
up to 15 Watt 170-240 V, 50-60 Hz
В271-РЕ
up to 15 Watt 10-36 VDC
Safety
ІEC 60950:1999, DSTU 4113-2001
EMI/EMC
EMI/TEMPEST approved. ІEC 61000:2007, DSTU СISPR 22:2007, DSTU СISPR 24:2008
Environmental
Operational temperature
В271-Е
up 0° С to 60° С
В271-РЕ
up -20° С to 60° С
Storage temperature
up -35° С to 80° С
Humidity
up to 95% (non-condensing 25°С)
Design
3U, 19-inch rack-mount
Dimensions
230 х 278 х112 мм (Ш х Д х В)
Weight
В271-Е
3,8 kg
В271-РЕ
3,2 kg
- Application diagram
- instr
- Documentation
- lic