EtherCrypt U2000

ST Electronics (Info-Security) Pte Ltd.

Description

High Performance L2 Encryptor

EtherCrypt U2000 is a layer-2 encryptor that protects the transmission of sensitive data over 10Gbps Ethernet and Metro- Ethernet networks. It offers full duplex confidentiality, integrity and replay protections using AES-256 Galois Counter Mode (GCM) encryption algorithm, and is suitable for pointto- point, point-to-multipoint and fully-meshed Ethernet networks.

It can be deployed easily into existing networks without any changes to the network configuration and supports unicast, multicast and broadcast Ethernet traffic. Designed with strictest security standards, EtherCrypt U2000 includes a tamper-resistant chassis, emergency erasure and active zeroization of encryption key. It also incorporates a FIPS 140- 2 Level 3 certified secure platform module for secure key storage and cryptographic processing. In addition, it comes with in-built over temperature detection to prevent data centre from overheating.

Key Features

Key Features

  • • High-assurance encryptor
  • • Low overhead line-rate encryption at 10Gbps
  • • 30Mbps throughput aggregate
  • • Supports AES-GCM algorithm for data confidentiality, integrity and anti-replay
  • • Redundant Power Supplies
  • • Over Temperature Detection
  • • Emergency Erasure Button

Specifications

EtherCrypt U2000

Performance
  • • Low overhead line-rate encryption at 10Gbps
Network Interfaces
  • • 2 x 10 Gigabit Ethernet ports (Trusted, External) with SFP+ interfaces
  • • Fiber optic: LC connector, multi-mode/single mode
  • • Copper: RJ45
  • • QoS support
  • • Traffic flow confidentiality
Cryptography
  • • Confidentiality, integrity and replay protections with Advanced Encryption Standard (AES-256) Galois Counter Mode (GCM) encryption algorithm
  • • Hardware Random Number Generator (HRNG)
Key Management
  • • DigiSAFE proprietary Key Management System
  • • Parameter loading using smartcard
Device Management
  • • Local console port (9-pin serial port)
  • • SNMP Port: 1 x 10/100 Mbps Ethernet RJ45 for remote monitoring
Physical Security
  • • Tamper resistant chassis
  • • Tamper detection and response (FIPS 140-2 Level 3)
  • • Active zeroization of cryptographic data upon tamper detection
  • • User PIN protected front panel menu
  • • High temperature detection
  • • Emergency erasure button
Performance:
  • • Zero-loss encrypted throughput up to 30Mbps (depending on IP packet size and used encryption mode)
  • • Support 10 concurrent IPSec tunnels
Operating Environment
  • • Storage Temperature: -20ºC to 70ºC1
  • • Operating Temperature: 0ºC to 40ºC
  • • Humidity: Relative 10%-95%, non-condensing
  • • EMC/EMI: FCC Part 15 Class B
Physical Characteristics
  • • Dimension: 420mm (W) x 445mm (D) x 44mm (H)
  • • Weight: <10Kg
  • • Redundant Hot-Swap PSU: 100-240V AC 50/60Hz or 36-72V DC, 150W
Networking Features & Protocols
  • • Support Ethernet Layer 2 encryption
  • • Support for Jumbo frames up to 8000 bytes
  • • Point-to-point, multipoint-to-multipoint
Security/ Configuration
  • • Audit logging
  • • Alarm detection and reporting
  • • SNMP v2c network management (operates with standard SNMP network management station)
Optional Feature

Accreditation

  • • DigiSAFE TrustCrypt – FIPS 140-2 level 3 certified cryptographic module (certificate #1304)

Smartcard

  • • Configuration card for users authentication and cryptographic key parameters

Feature

  • • Supports customized algorithm loading feature

 

 

Use Cases

EtherCrypt U2000 - User Cases