ECHINOPSSecurity for governmental and classified defense networks
Smarter, Safer
>
THALES160, Boulevard de Valmy, BP 8292704 Colombes Cedex, France
Tel: +33 (0)1 46 13 22 29Fax: +33 (0)1 46 13 22 97
e-mail:[email protected]
- 08/20
11 - Thale
s reserves the right to modify the technic
al characteristics of the equip
ment w
ithout notice
.
THALES offers a full range of services to support users in the equipment deploymentand use phases:
>>
• System and system integration• Training• Installation/deployment of the equipment• Extended warranty
• Software upgrades• Customer call centre• On-site technical support• Maintenance
A complete and flexible service offer
>> A technical offerSECURITY
Encryption Secret Defense (France), EU Secret, NATO Secret encryption algorithm IPSec tunnel mode
Services Authentication Integrity control Anti‐replay Security declassification of the equipment via emergency erasure and/or CIK (Cryptographic Ignition Key)
Filtering Protocol and address filtering Auto-monitoring and security alarm relaying Flow distribution according to class of service (QoS)
Key Management Key lifetime and crypto period monitoring Up to 1,000 keys simultaneously managed by device
PERFORMANCE CHARACTERISTICSRate 100 Mbps Full Duplex
Latency <450µs (compatibility VoIP)Tunnels Up to 1,000 simultaneous encrypted Virtual Private Network (VPN) without loss of performance (throughput, latency)
Up to 1,000 two-way security policies (pairs of IP addresses or address groups)Redundancy Crypto unit redundancy: High-Availabiility
ADMINISTRATIONSupervision Network security supervision by SNMP V3
Management Remote device control (configuration, revocation, emergency erase, etc.) Generation and conditioning of secret elements Automatic key management and renewal Alarm offset
Man machine interface Graphic definition of security policies Management of several topologies (library ready to use with the choice of an active topology) XML import/export of topologies
Capacity Up to 1,000 devices managed by the Operating Centre Three versions available: desktop, rack 2U or 3U, tactical
High availability Capacity of Operating Centre redundancy Synchronized operations with redundant encryptors
NETWORKSIPv4 and IPv6 IPv4 and IPv6 networks compatibility
Multicast Multicast stream protectionLow bandwidth Compatible with low bandwidth networks (sensitive network: frame size setup)
INTERFACESKey interfaces Smart card reader
CIK connector Injection port for black keys (DS-101) compatible with the Data Tactical Carrier (DTC)
Network interfaces Two wire interfaces (RJ45 connectors) or two optical interfaces 100Base FX Compatibility IEEE 802.3, Ethernet V2, IPv4, IPv6
Console port One serial port (RS232-C interface, Female DB9)Erasure One pushbutton for emergency erase (operational with or without power supply)
STANDARDSTEMPEST NATO SDIP-27 Level A (AMSG 720B)
Others ROHS, Radionuclide, Amiante, REACHCE ElectroMagnetic and Low Voltage Compatibility
ENVIRONMENTMTBF > 100,000 hours (real usage experience)
Dimensions 92 mmH x 260 mmW x 432 mmDWeight 3.6 kg
T° Storage -20 to +65°CT° In service 0 to 40°C
Humidity 10 to 90% to 40°CAltitude In service: 0 to 4,270 m
In storage: 0 to 10,700 mPower supply AC 100-220V/47-63Hz
Command Centre
ECHINOPS, jointly developed with the Direction Générale de l’Armement (DGA), the French armament procurement agency, offers all the security functionalitiesnecessary to modern applications deployed on the communication networks:
Videoconference, VOIP: MulticastDevice and Operating Centre redundancy, High availability H24
Rate guaranteed and resources optimization (QOS)Satellite links and constraint network (low bandwidth)Rapid deployment on a new theatre of operations(management of multiple topologies)
LOCAL PROTECTIONECHINOPS is designed to resist any type of attacks: High authentication of administrator accessSoftware integrity checkProtection against signals and electromagnetic incriminating radiance Intrusion detection and emergency clearing(inviolability)Security events logging
NETWORK PROTECTIONECHINOPS integrates all network security functionalities:Authentication of communications originStream encryptionIntegrity controlAnti-replayNetwork architecture masking
ECHINOPS Operating CentreWith its Operating Centre, the ECHINOPS system offers innovative functionalities:
Graphical interface, immediate and controlled secure links activation Secure key distributionOptimization and support to operator ‘s role decisionKey renewal without human interventionTopologies library ready to use, also in XMLAutomatic display of lost links
PersonalizationCentre
Key GenerationCentre
ManagementCentre
Security for governmental and classified defense networks
Operating Centre
The ECHINOPS system effectively protects against monitoring, alteration andintrusion threats on communication networks:
Reinforced IPSec security protocol100 Mb/s full duplexAccreditations: Secret Défense/ EUSecret in 2008/ NATO Secret in 2011Simultaneous processing IPv4 and IPv6
Internet connectivity (NetworkAddress Translation NAT)Kit update between versionsLocal administration on devicesor centralised
Top Related