| |
 Home / Products / CipherOptics SG100 |
|
| |
CipherOptics SG100
Fast Ethernet Data Protection Gateway
Taking the vulnerabilities out of
IP
The convergence of data, voice and video onto a single
network is driving the need for more bandwidth. That,
combined with demands to lower networking costs, has resulted
in the increased use of IP networks for core business
applications. If you are making the move to IP to lower costs
and increase bandwidth, the trade-off is that your network is
more vulnerable to security breaches, including
eavesdropping, tampering and denial-of-service attacks. IP
was designed for resiliency and ease-of-use, not security.
Mitigating the risks and eliminating the vulnerabilities of
your IP transport network is the most significant protection
necessary for ensuring data integrity.
Locking your data in transit
Your firewalls, intrusion detection systems (IDS),
anti-virus software and other perimeter security technology
do their part in preventing many outside threats from
entering your network. But what about your data—the
heart of your business—when it travels over your core IP
transport network? The only way to protect that data is to
encrypt it while it’s in transit. The CipherOptics SG100
network security appliance protects data in transit while it
travels over IP networks at up to 100 Mbps.
IPSec encryption at
wire-speed
Using IP Security Protocol (IPSec), the CipherOptics SG100
network security appliance provides full-duplex, wire-speed
protection—all with virtually no latency—providing
protection for all of your business-critical information in
transit, whether it’s data, voice or video conferencing.
The CipherOptics SG100 combines the best-of-breed in security
and speed: robust AES or 3DES encryption processing with
full-duplex Fast Ethernet wire-speed throughput. It
eliminates costly processing bottlenecks in the network while
affordably maximizing the efficiency of existing network
resources.
Fast, simple, transparent
security
Because it is an appliance and not a multi-purpose device,
the CipherOptics SG100 makes network security simple. No
complicated network or router re-configuration required. It
easily integrates into your existing network without
consuming valuable network resources. With simple
installation and policy set-up, the CipherOptics SG100 can be
installed in minutes, operating transparently to ensure that
all of your data in transit is locked down.
Security best practices for
regulatory compliance
By having the CipherOptics SG100 integrate easily into the
network while at the same time being able to manage it
separately, you can build a robust security infrastructure
that will help withstand the scrutiny of a security audit. In
fact, it is an integral part of best practices to encrypt all
sensitive data in transit. The flexibility of the
CipherOptics SG100 also makes it a valuable tool in ensuring
industry best practices for compliance with such regulations
as Graham-Leach-Bliley, California SB1386 and HIPAA.
| Technical
Specifications |
IPSec Modes
• Tunnel mode
• Encapsulated Security Payload (ESP)
• Authentication Header (AH) |
Encryption and Integrity
• AES: FIPS 197
(128, 192, 256 bit keys)
• 3DES: ANSI X.952 (168 bit keys),
standard CBC mode
• HMAC-SHA-1-96
• HMAC-MD5-96 |
|
Authentication and Key
Management
• Diffie-Hellman
groups 1, 2 and 5
• X.509 v3
digital certificates
• Digital
Signature Standard (DSS)
• Internet Key
Managerment (IKE)
• Manual keys |
Device Management
• Secure
management interfaces (CLI and browser)
• Out-of-band
management
• Secure download
of software updates
• SNMP v2c MIB
managed object support
• Optional
certificated authentication |
Network Support
• IEEE 802.3
• VLAN tages
• MPLS labels
• Jumbo frame support
• PMTU
• Dead peer detection
• Optical loss pass-through |
Performance
• Throughput: Up to 200Mbps full-duplex Fast
Ethernet with AES or 3DES
• Concurrent
IPSec tunnels: 8,000
• Security
Associations: 16,000 |
Interfaces
• Two Fast
Ethernet ports
• Management: 10/100 Ethernet and RS-232 |
Environmental
• Operating
Temperature: 0° to 40°C
• Operating
Humidity: up to9% non-condensing
• Operating
Altitude: -200 to 10,000 feet AMSL |
Physical
• Tamper-evident
chassis
• Footprint: 4" H x 17" W x 15"
D
• Rack mountable
in standard 19" rack
• Power:
115-240VAC @ 50/60 Hz, autosensing
• Weight:
10 lbs |
|
Regulatory
• Emissions: FCC Part 15 to Class B
Specifications, EN61000-3-2: 1995, EN61000-3-3: 1999,
EN61000-4-2 through 4-6, 4-11: 1995
• Safety:
IEC 60950 (UL), CSA-C22.2 No. 60950-00, EN 60950 for
the participating European nations, EN 90950 for all
country deviations |
Certification
• FIPS PUB 140-2
Level 2 validated |
|
|
Features
 |
Protect data in transit over untrusted IP networks |
|
|
High-performance, hardware-based AES & Triple-DES
encryption |
|
|
IPSec encryption (100 Mbps and Gigabit) |
|
|
Introduce virtually no latency |
|
|
Integrate transparently into existing IP networks |
|
|
Have received FIPS 140-2 Level 2 validation |
|
Application Note
Whitepaper
Datasheet
Related Products
 |
|
