L3 Box S* VPN Gateway for RESTRICTED Communication - Secunet
L3 Box S* VPN Gateway for RESTRICTED Communication - Secunet
L3 Box S* VPN Gateway for RESTRICTED Communication - Secunet
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>L3</strong> <strong>Box</strong> S<br />
Secure system boot and operation<br />
Depending on the actual conditions of the IT infrastructure and projectspecific<br />
communications requirements, it is possible to use the SINA <strong>L3</strong><br />
<strong>Box</strong>es S with thousands of simultaneous security associations. Upon<br />
system start-up, the SINA <strong>L3</strong> <strong>Box</strong> S software is securely loaded from flash<br />
memory. All initial configuration data and security associations <strong>for</strong> the<br />
SINA <strong>L3</strong> <strong>Box</strong> are stored in a protected area of the SINA smart card. When<br />
a SINA <strong>L3</strong> <strong>Box</strong> is started, the security associations to the SINA Management<br />
and the communications-related SINA <strong>L3</strong> <strong>Box</strong>es are set up as IPsec<br />
<strong>VPN</strong> tunnels. If necessary, additional security associations or configuration<br />
data can be downloaded from the SINA Management. This greatly<br />
simplifies configuration, installation and hardware replacement with the<br />
SINA <strong>L3</strong> <strong>Box</strong>.<br />
Systems monitoring<br />
The SINA <strong>L3</strong> <strong>Box</strong>es log all system-monitoring relevant data during operation.<br />
The syslog data can be imported into network management systems<br />
<strong>for</strong> further processing and/or displayed as required. The new SINA <strong>L3</strong> <strong>Box</strong> S<br />
software version 3.3 (planned <strong>for</strong> Q4 2012) supports SNMP v2c.<br />
High availability<br />
Using redundant configurations it is possible to increase availability and<br />
safeguard against failure of SINA <strong>L3</strong> <strong>Box</strong>es. An automatic switchover<br />
mode triggers a second SINA <strong>L3</strong> <strong>Box</strong> to take over the functions of the<br />
failed SINA <strong>L3</strong> <strong>Box</strong>. The SINA <strong>L3</strong> <strong>Box</strong>es S 1G and 3G are equipped with<br />
redundant power supply units.<br />
Additional details and per<strong>for</strong>mance data<br />
* For further in<strong>for</strong>mation about the new naming concept refer to: www.secunet.com/en/sina.<br />
** For German national use only.<br />
*** Due to several different producer-specific product variations SFP modules are not included in the scope of delivery. E. g. the following modules can be loaded:<br />
Finisar FTLF8519P2BNL (optic fibre, Short Range, Multi Mode), Source SP-GB-LX-CDFH (optic fibre, Long Range, Single Mode) or 3COM 3CSFP93 RJ45.<br />
More in<strong>for</strong>mation:<br />
www.secunet.com/en/sina<br />
SINA_<strong>L3</strong><strong>Box</strong>S_V1_04/12_GB<br />
Satellite communication<br />
The use of SINA <strong>L3</strong> <strong>Box</strong>es requires IP-enabled transport networks, including<br />
satellite communication lines. Satellite optimisers support the effective<br />
use of the available bandwidth of the satellite lines.<br />
Management<br />
The SINA Management is used <strong>for</strong> central configuration of all SINA <strong>L3</strong><br />
<strong>Box</strong>es in the network. An integrated public key infrastructure (PKI) with<br />
the corresponding user management supports the main administrative<br />
processes, particularly the personalisation, generation and/or updating of<br />
keys and cryptographic parameters as well as the administration of associated<br />
PINs and PUKs on the smart cards.<br />
Approval-related construction classes<br />
SINA <strong>L3</strong> <strong>Box</strong> S<br />
Approval level <strong>RESTRICTED</strong>, NATO <strong>RESTRICTED</strong>, RESTREINT UE**<br />
Software versions 2.2<br />
3.3 (planned <strong>for</strong> Q4 2012)<br />
Authentication token SINA smart card<br />
SINA <strong>L3</strong> <strong>Box</strong> S 30M SINA <strong>L3</strong> <strong>Box</strong> S 200M SINA <strong>L3</strong> <strong>Box</strong> S 1G SINA <strong>L3</strong> <strong>Box</strong> S 3G 10Cu SINA <strong>L3</strong> <strong>Box</strong> S 3G 6Cu 4SFP<br />
General technical data<br />
Size 228 x 165 x 44,45 mm 19” 1 U 19” 1 U 19” 2 U 19” 2 U<br />
Weight 1.8 kg 7.8 kg 9 kg 12.5 kg 12.5 kg<br />
Power consumption<br />
Crypto hardware<br />
18 W 85 W 105 W 256 W 256 W<br />
Encryption per<strong>for</strong>mance approx. 30 MBit/s approx. 200 MBit/s approx. 1000 MBit/s approx. 3000 MBit/s approx. 3000 MBit/s<br />
Symmetric<br />
cryptography<br />
AES AES AES AES AES<br />
Asymmetric<br />
cryptography<br />
LAN connections<br />
EC-GDSA, EC-DH EC-GDSA, EC-DH EC-GDSA, EC-DH EC-GDSA, EC-DH EC-GDSA, EC-DH<br />
Network interfaces*** 4 x 10/100/1000 MBit Cu 4 x 10/100/1000 MBit Cu 4 x 10/100/1000 MBit Cu 10 x 10/100/1000 MBit Cu 6 x 10/100/1000 MBit Cu<br />
Temperature<br />
2 x 1000 MBit SFP<br />
2 x 1000 MBit SFP<br />
4 x 1000 MBit SFP<br />
Operation +5 °C to +40 °C +5 °C to +40 °C +5 °C to +40 °C +5 °C to +40 °C +5 °C to +40 °C<br />
Transport -20 °C to +60 °C -20 °C to +60 °C -20 °C to +60 °C -20 °C to +60 °C -20 °C to +60 °C<br />
Item number SB50.04 SB50.23 SB50.24 SB50.05 SB50.22<br />
secunet▀Security▀Networks▀AG<br />
Kronprinzenstraße▀30<br />
45128▀Essen,▀Germany<br />
Phone:▀ +49▀-▀201-▀54▀54▀-▀0▀<br />
Fax:▀ +49▀-▀201-▀54▀54▀-1000<br />
E-mail:▀ info@secunet.com▀<br />
www.secunet.com