Home General Dynamics Mission Systems TACLANE-FLEX (KG-175F) Encryptor: Multi-Speed Customizable Encryption Platform PDF
ℹ️ Document Conversion Notice: This page was converted from the original file for easier reading. Diagrams/images may appear only in the original PDF below.
Document preview
File info: application/pdf · 2 pages · 514.19KB

TACLANE®-FLEX (KG-175F) Encryptor

Multi-Speed Customizable Encryption Platform

Overview

The TACLANE-FLEX is the next generation encryptor designed to address today's increased level of threat - both insider focused and external cyber attacks, as well as user demands for higher bandwidth applications and low SWaP (Size, Weight, and Power) equipment. TACLANE-FLEX is the first user customizable encryption platform to support multiple speeds, environments, and feature requirements.

Flexibility

Customer configuration puts the user in control of their encryptor based on needs and budget. The TACLANE-FLEX is a single encryption platform, scalable from 200 Mb/s to 2 Gb/s aggregate throughput by simply changing the pluggable interface and a field software upgrade. This provides a cost-effective security solution for today and eases migration as bandwidth needs grow in the future.

SWaP Optimized

Designed to provide a robust feature set in the smallest form factor possible, the TACLANE-FLEX extends to a wide variety of applications including those heavily restricted by size, weight, and power consumption. MIL-STD 810G compliant, the TACLANE-FLEX is designed to support both strategic and tactical applications that can be exposed to restrictive or harsh environments such as data centers, GSA safes, vehicular embedment, and field command posts.

Features at a Glance

  • User pluggable interfaces to support 200 Mb/s to 2 Gb/s Aggregate Throughput
  • Smallest, full featured HAIPE® Encryptor
  • MIL-STD ruggedized for harsh tactical environments and scalable to support strategic environments
  • Simultaneous HAIPE v4.2.5 and IPMEIR 1.0 compliant
  • Simultaneous Suite A/B without user intervention
  • Power Management Capability and Control
  • Safe keying features including Classified/Unclassified Device Generated Shared Key (DGSK) and Exclusion Keys (EKs)
  • ACC and KMI OTNK compliant
  • IPv4/6 Dual Stack
  • Supported by GEM® One Remote Encryptor Manager

NSA Certified and ACC Compliant

NSA Certified and ACC Compliant for Top Secret/SCI and Below

Protect Your Investment with Hardware Scalable for Future Needs - 200 Mb/s to 2 Gb/s Aggregate Throughput

Smallest, Lightest, Most Power Efficient 2 Gb HAIPE® Encryptor

Optional Features for Advanced Security, Performance and Networking

GEM® One Remote Management Capability

Advanced and Optional Features

  • Power Management: Designed to maximize efficiency, this feature enables users to select Standard Mode or Enhanced Mode providing greater control of power consumption. In Standard Mode, the FLEX provides the lowest power consumption and touch temperatures available in a 2 Gb HAIPE. Enhanced Mode supports advanced features such as TTS and Power over Ethernet (POE) that require additional power.
  • Layer 2 Passthrough / Agile VLAN: This optional feature provides support for simultaneous Layer 3 HAIPE and Layer 2 Data Link communications on a per packet basis without any infrastructure changes providing users a bridge to networks utilizing Ethernet Data Encryption. VLAN enabled TACLANES still interoperate with Non-VLAN enabled TACLANES. Other benefits include equipment and cost savings, increased bandwidth efficiency, failover and redundancy.
  • TACLANE Trusted Sensor (TTS): Leveraging the location of the in-line network encryptor (INE) in the network, the optional TTS software adds cyber sensing (IDS/IPS) capability through Deep Packet Inspection (DPI). This capability enables packet header and content filtering for malicious data and issues high assurance encrypted alerts to further protect from attacks. TTS uniquely supports open source, user unique or government classified rule sets. This in-depth inspection provides network administrators greater understanding of overall system health and the ability to fine tune network filtering to reduce response time and increase defense in depth.
  • Agile Performance Enhancing Proxy (PEP): When enabled, this optional feature provides TCP acceleration increasing network availability and performance in disadvantaged networks like SATCOM. Integrating this technology in the INE eliminates the need for external PEP devices. TACLANE Agile PEP uniquely provides simultaneous support for concurrent TACLANE Agile PEP, Standard TCP connections and all HAIPE traffic types on a per packet basis.
  • GEM® One Remote Management: An enterprise-level remote management solution, GEM One enables users to easily configure, monitor and maintain a dispersed network of encryptors and its ecosystem parts from anywhere in the network via an intuitive graphical user interface.

Technical Specifications

Size

  • 1.6"H x 5.5"W x 10.85" D
  • 19" Rack mountable, 3 Across, 1U

Weight

  • <5 lbs based upon configuration

Power

  • 32 Watts (Typical)
  • Battery: External user replaceable battery, one "1/2 AA" lithium cell
  • A full size lithium or alkaline "AA" battery is supported with a battery cap extender
  • Standard and MIL-STD 461F compliant power supply

Performance

  • Supports both 200 Mb/s and 2 Gb/s aggregate throughput via user-pluggable interfaces

Reliability

  • 314,000 Hrs Mean Time Between Failure (MTBF)

Environment

  • MIL-STD-810G
  • Operating Temp: -40° to +60°C (without POE); -40°C to +52°C (with POE)
  • Storage Temp: -40°C to +85°C
  • Humidity: 95% RH, Non-condensing
  • Altitude: Operational: 1,500 ft below sea level to 50,000 ft above sea level; Storage/transit: 1,500 ft below sea level to 70,000 ft above sea level
  • Shock/Vibration: 20g shock, 11ms Transportation Vibration, General Vibration, Category 4
  • Sand: 40 mph winds
  • Dust: 20 mph winds
  • Rain: Drip, Flow Rate 280 liters/meter²/hour
  • EMI/ TEMPEST: In accordance with NSTISSAM TEMPEST/1-92 Level 1
  • Implementation guide for strategic and tactical rack mount applications is available upon request

Standards Compliance

  • HAIPE v4.2.5
  • IPMEIR v1.0
  • HAIPE VLAN
  • ACC and KMI OTNK

Foreign Interoperability

  • Algorithm Agile - Simultaneous Suite A/B/AES EFF/IPMEIR without manual intervention P3, S2, Q2

Warranty

  • 5 year hardware and software warranty

Keying

  • Supports HAIPE to HAIPE Keying, APPK/ PPK, FIREFLY, Enhanced FIREFLY, Internet Key Exchange (IKE) v1/v2, Unclassified/Classified Device Generated Shared Key (DGSK), ACC, OTNK (KMI enabled)

Networking Features & Protocols

  • Protocols Supported: TCP, UDP, IPv4/IPv6 Dual Stack, ICMP, IGMP, ARP, DHCP, MLD, TFTP, HTTPS, HTTP, Netflow, NTP, RIP, RIPv2, RIPng, NDP, Syslog, IKE, IKEv2, HAIPE, IPMEIR, OTNK, CMS, XML, non IP with VLAN
  • Networking Features: Dynamic IP addressing, dynamic key management (key distribution through H-to-H key transfer and KMI in the future), Red address confidentiality and selectable dynamic discovery via Generic Discovery/Secure Dynamic Discovery or IMPEPD, dynamic routing updates through RIP and discovery protocols, support for route of last resort, support for Jumbo Ethernet Frames, support for VLAN and layer 2 traffic
  • Management: Full SNMPv3 management and HTTP browser based management, GEM X Manager
  • Multicast: IGMP and MLD on Red and Black networks
  • Quality of Service: Type of Service Octet bypass, PCP to TOS mapping for VLAN traffic, ECN congestion control bypass
  • Fragmentation: Support for fragmentation and reassembly on Black network traffic and fragmentation of Red IP traffic

Network Interfaces

  • Plaintext Data Interface
    Electrical / Mechanical: IEEE 802.3/Ethernet2; copper RJ-45 10/100/1000 Base-T, IEEE 802.3 optical rugged pluggable modules 100 Base-FX, 1000 Base-SX and 1000 Base-LX10, LC connectors, supports three PT ports (two pluggable optical connectors, one electrical Ethernet)
  • Ciphertext Data Interface
    Electrical/Mechanical: IEEE 802.3/Ethernet2; copper RJ-45 10/100/1000 Base-T, IEEE 802.3 optical rugged pluggable modules 100 Base-FX, 1000 Base-SX and 1000 Base-LX10, LC connectors, supports two CT ports (one pluggable optical connectors, one electrical Ethernet)
  • Console Management Interface
    Electrical/Mechanical: IEEE 802.3/Ethernet2; copper RJ-45 10/100 Base-T
  • Standard DS-101 key fill port
  • Remote zeroize input
  • Primary power 5VDC

Certifications

NSA Certified and ACC Compliant to protect information classified Top Secret/SCI and below.

Available to order through IDIQ & General Dynamics

NSN#

  • 100 Mb FLEX: 5810-01-655-9229
  • 1 Gb FLEX: 5810-01-659-9037

GENERAL DYNAMICS Mission Systems

gdmissionsystems.com/TACLANE

Phone: 781-410-9400 Toll-free: 888-Type1-4-U (888-897-3148) Fax: 781-410-9863

© 2021 General Dynamics. All rights reserved. TACLANE and GEM are trademarks of General Dynamics. HAIPE is a registered trademark of the National Security Agency. All other product and service names are the property of their respective owners. ® Reg. U.S. Pat. & Tm. Off. General Dynamics reserves the right to make changes in its products and specifications at anytime and without notice. The Type 1 encryption provided by the TACLANE is part of the Department of Defense, Defense in Depth strategy. Type 1 encryption is only one portion of the overall defense in depth. A comprehensive network Information Assurance strategy involving Defense in Depth is required to ensure secure and reliable protection for sensitive and classified information.

D-TLFLX-2-0321

Original Document

If the viewer doesn’t load, open the PDF directly.