Gnom-E

IP NETWORK ENCRYPTOR WITH INTEGRATED ETHERNET SWITCH

Printable versionPrint
Additional photos:
dsc_62911
dsc_6291-11
dsc_62962

Gnom-E, B271-Е(РЕ), is IP Inline Network encryptor (INE).

 

B271-Е(РЕ) protects at the midrange security levels in accordance with Government and Military requirements.

 

B271-Е(РЕ) is specifically designed to support IP/Ethernet operating over standard commercial networks (Internet, IP MPLS etc) and provides inline encryption of IP protocol by cable, satellite, and cellular (3G, 4G) communication channels.

 

In-built controlled 4-port Ethernet switch enables to connect user equipment directly to encryptor.

 

B271-Е(РЕ) is applicable for stationary (B271-Е) and mobile (B271-РЕ) objects.

Functionality
func

End-to-end encrypting of IP-network traffic

Traffic encrypting is performed on local network perimeter. Cryptographic processing in online mode provides "transparent" operation of data processing network applications, IP-telephony, video conference communication.

 

Virtual channels of encrypted communication

During exchange of encrypted information, the virtual channels of communication means are created in accordance with the diagram given by complex administrator.

 

Link redundancy

For each communication direction some virtual channels can be defined with different routes, which provides automatic backup paths if an active link fails

 

Key Management

Key Management ensures centralized preparation and distribution of key data. В364-Е includes hardware random number generator (FIPS 140-2 compliance) which is used to create random cryptographic keys. The distribution is provided by methods of automatic online transmit through encrypted network and manual keys input.

 

Hardware crypto module

Cryptographic functions are performed by specialized chips with duplexing option which provides high transmitting capacity and encrypting reliability.

 

Channels loading balancer

Virtual channels can be combined in groups to balance the load and to increase the transmitting capacity of network nodes.

 

Equipment redundancy

The equipment can be duplicated for “hot” standby and the transmitting capacity trunking.

 

Monitoring and control

Monitoring and control of the equipment can be performed either locally or remotely via Centralized Management Software. CMS is available for PC Windows 2000, XP, 7 and enables to control operational modes of the equipment, change configuration parameters, view statistic information, logs of events in encrypted communication network. The protection against unauthorized access to equipment control is provided by two-factor authentication.

Technical characteristics
teh

Platform

 

RISC

Freescale Power QUICC II™

 

Operating System

 

RTOS

TritelOS™

 

Protocols

 

IP v.4

RFC 791, RFC 826, RFC 1042, RFC 1812

IP Multicast

RFC 3171

DHCP client

RFC 2131

HSRP

RFC 2281

VLAN

IEEE 802.1Q

 

COMSEC Characteristics

 

Encryption mode

packet, end-to-end

Cryptographic algorithm

DSTU GOST 28147:2009, hardware implementation

IP Throughput

up to 30 Mb/s

Interoperability

B371-Е(РЕ)

 

Communication schemes

 

Full mesh

 Circular

Link oriented

 Mixed

 

Management

 

Vt100 terminal, СMS

 

 

Physical Interfaces

 

1 port 100 Base-FX, ММ, RJ-45

Red Data Interface

4 port 100 Base-FX, ММ, RJ-45

Black Data Interface

RS-232, RJ-45

Control terminal

ISO-7816-2, 3

Key fill

 

Power

 

В271-Е

up to 15 Watt 170-240 V, 50-60 Hz

В271-РЕ

up to 15 Watt 10-36 VDC

 

Safety

 

ІEC 60950:1999, DSTU 4113-2001

 

 

EMI/EMC

 

EMI/TEMPEST approved. ІEC 61000:2007, DSTU СISPR 22:2007, DSTU СISPR 24:2008

 

Environmental

 

Operational temperature

 

В271-Е

up 0° С to 60° С

В271-РЕ

up -20° С to 60° С

Storage temperature

up -35° С to 80° С

Humidity

up to 95% (non-condensing 25°С)

 

Design

 

3U, 19-inch rack-mount

 

 

Dimensions

 

230 х 278 х112 мм (Ш х Д х В)

 

 

Weight

 

В271-Е

3,8 kg

В271-РЕ

3,2 kg

Application diagram
instr

Documentation
lic