Thales Norway AS NISnet Kick-off UiB 10. oktober 2007 Leif Nilsen
Download
Report
Transcript Thales Norway AS NISnet Kick-off UiB 10. oktober 2007 Leif Nilsen
Thales Norway AS
NISnet Kick-off
UiB 10. oktober 2007
Leif Nilsen
Thales Norway AS
Thales
Internasjonalt konsern med
hovedkontor i Frankrike
68 000 ansatte i tre forretningsområder
Omsetning >10.2 milliarder Euro (2006)
Defence
Thales Norway
Heleid datterselskap med 185 ansatte
Kontorer i Oslo, Trondheim og Stavanger
Produktutvikling, systemintegrasjon, tjenester
Aerospace
Største produktområder
Sikkerhetsløsninger – krypto - MMS
Kommunikasjonsnettverk
Thales Norway er verdensledende på leveranser
av High Grade krypto til NATO (-land)
1
Thales Norway AS
Security
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
Thales
EKMS
TCE 621
2002
TCE 611
TCE 500
TCE 300
KTP 3
1999
1997
1993
TVPN
1987
TCE 520
1978
RACE
1970
1967
TCE 160
Cryptel 265
1963
ETCRRM
1960
Cryptel 245
1956
Cryptel 240
Selma
2
Thales Norway AS
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
Historical Product Overview - Security
High grade crypto device for IP based
data networks
Approved by Norwegian National
Security Authorities for all security levels
Approved by NATO for all security levels
TCE 621 - 10 Mb/s
– including Cosmic Top Secret
7000 units sold
TCE 621/B - 100 Mb/s –
TCE 621/C - 1 GB/s
Used in national networks in 21 countries
Prepared for Dual Algorithms / national
adaptation and evaluation
Main functions (TCE 621, TCE 621/B & TCE 621/C)
TCE 621 the NATO standard
IP crypto equipment
3
Thales Norway AS
Supports both IPv4 and IPv6
Electronic and/or manual key distribution
Removable crypto ignition key
Tamper protected case
Tempest according to AMSG 720B
NATO approved crypto algorithm
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
Cryptel®-IP family
TCE 621
(GEN-1-17)
Data rate
10 Mbps
TCE 621
generation
Characteristics as
1st generation
Throughput
>6 Mbps
4
Additional features
Internal power
Multicast
AUI interface
Redundancy
NATO approved
for CTS
NAT / UDP encaps.
Selected as
NICE
SW upgradeable
locally
Thales Norway AS
TCE 621/B
TCE 621/C
2nd
ACR load
Fully compatible with Fully compatible with
10 Mbps version
10 Mbps version
Data rate
Data rate
10/100 Mbps
Throughput
~100 Mbps
~100.000 pps
External power
Ethernet / Fibre
interface
Approved for Secret,
target CTS
Central SW upgrade
Prepared for
new/dual algorithms
10/100/1000 Mbps
Throughput
>300 Mbps
~100.000 pps
External power
Ethernet / Fibre
interface
Approved for
Secret, target CTS
Central SW upgrade
Prepared for
new/dual algorithms
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
Cryptel®-IP family components
Cryptel®-IP family today
Security Management Center
TCE 621 KP
TCE 621 FE
TCE 621/B
Out of area
operations
TCE 671
Multicast
TCE 621
QoSrouter
TCE 621
Redundancy
TCE 621
Wide Area
Network
(WAN)
TCE 621/B
NATtraversal
Network manager
interface
5
Thales Norway AS
Host
protection
Examples of available functionality
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
Tactical
networks
eCustodian System
KPE
ADS server
MMHS client
MMHS
Server
ADS client
TCE 621
IP network
TCE 621
TCE 621
ADS server
MMHS client
ADS server
MMHS client
SubDA
LDA
KPE
KPE
6
DTD
Reproduction PC
Thales Norway AS
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
NDA
Key
Production
Equipments
Secure
Radio and
Telephone
Switching
Non-secure
Radio and
Telephone
Switching
VCF
MFT
OTA
LAN
Telephone
Network
LAN
VCF
Radio
Transmission
Network
MFT
Remote
Radio
OTA
Local
Radio
Crypto
Crypto
Crypto
unit
unit
unit
Secure switching
network
7
Thales Norway AS
Non-secure switching
network
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
OTA i VCS
Cross Domain Solutions (CDS)
Information exchange between security domains
Trusted platforms, MLS (MILS), Content/role based access
Object labelling, XML security
Flexible and dynamic infrastructure
Protected Core Networking (PCN)
Prevention of unauthorized traffic
End-to-end QoS
Extended core, Object level protection
Key management
8
Number of keys, flexibility and speed
Thales Norway AS
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
NNEC challenges
Implementasjon med maksimal tillit (assurance)
Design for evaluering
Fleksible implementasjoner
Interoperabilitet
SCIP
HAIPE
EKMS
Høyhastighetskrypto (> 10 Gbps)
Nettverksutfordringer (NEC, AdHoc)
Dual Mode
9
Thales Norway AS
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
Aktuelle problemstillinger