(Redirected from TACLANE)
A High Assurance Internet Protocol Encryptor (HAIPE) is a Type 1 encryption device that complies with the National Security Agency's HAIPE IS (formerly the HAIPIS, the High Assurance Internet Protocol Interoperability Specification). The cryptography used is Suite A and Suite B, also specified by the NSA as part of the Cryptographic Modernization Program. HAIPE IS is based on IPsec with additional restrictions and enhancements. One of these enhancements includes the ability to encrypt multicast data using a 'preplaced key' (see definition in List of cryptographic key types). This requires loading the same key on all HAIPE devices that will participate in the multicast session in advance of data transmission. A HAIPE is typically a secure gateway that allows two enclaves to exchange data over an untrusted or lower-classification network.
Taclane 175d User Manual
Kg 175d Operator Manual Kg 175d Operator Manual operator and field maintenance manual for kg-175d taclane-micro in-line network encryptor (nsn 5810-01-547-4520) (eic: n/a) (this item is included on em 0242) Unit Of Issue(s) BK Army Publishing Directorate kg 175d operator manual are. KG-175D front view: KG-175D rear view. KG-175D nameplate info. All KG-175D photos in this table via E-bay. Download image to enlarge. Does anyone know why the KG-175D looks so different than the KG-175? Contact: [email protected].
Examples of HAIPE devices include:
- L3Harris_Technologies' Encryption Products [1]
- KG-245X 10Gbit/s (HAIPE IS v3.1.2 and Foreign Interoperable),
- KG-245A fully tactical 1 Gbit/s (HAIPE IS v3.1.2 and Foreign Interoperable)
- RedEagle
- ViaSat's AltaSec Products[2]
- KG-250,[3] and
- KG-255 [1 Gbit/s][4]
- General Dynamics Mission Systems TACLANE Products[5]
- FLEX (KG-175F)
- 10G (KG-175X)
- Nano (KG-175N)
- Airbus Defence & Space ECTOCRYP Transparent Cryptography [6][7]
Three of these devices are compliant to the HAIPE IS v3.0.2 specification while the remaining devices use the HAIPE IS version 1.3.5, which has a couple of notable limitations: limited support for routing protocols or open network management.
A HAIPE is an IP encryption device, looking up the destination IP address of a packet in its internal Security Association Database (SAD) and picking the encrypted tunnel based on the appropriate entry. For new communications, HAIPEs use the internal Security Policy Database (SPD) to set up new tunnels with the appropriate algorithms and settings. Due to lack of support for modern commercial routing protocols the HAIPEs often must be preprogrammed with static routes and cannot adjust to changing network topology. While manufacturers support centralized management of their devices through proprietary software, the current devices offer no management functionality through open protocols or standards.
Both the HAIPE IS v3 management and HAIPE device implementations are required to be compliant to the HAIPE IS version 3.0 common MIBs. Assurance of cross vendor interoperability may require additional effort. An example of a management application that supports HAIPE IS v3 is the L3Harris Common HAIPE Manager (which only operates with L3Harris products).
A couple of new HAIPE devices will combine the functionality of a router and encryptor when HAIPE IS version 3.0 is approved. General Dynamics has completed its TACLANE version (KG-175R), which house both a red and a black Cisco router, and both ViaSat and L-3 Communications are coming out with a line of network encryptors at version 3.0 and above. Cisco is partnering with Harris Corporation to propose a solution called SWAT1[8]
There is a UK HAIPE variant that implements UKEO algorithms in place of US Suite A. Cassidian has entered the HAIPE market in the UK with its Ectocryp range. Ectocryp Blue is HAIPE version 3.0 compliant and provides a number of the HAIPE extensions as well as support for network quality of service (QoS). Harris has also entered the UK HAIPE market with the BID/2370 End Cryptographic Unit (ECU).[9]
In addition to site encryptors HAIPE is also being inserted into client devices that provide both wired and wireless capabilities. Examples of these include L3Harris Technologies' KOV-26 Talon and KOV-26B Talon2, and Harris Corporation's KIV-54 [10] and PRC-117G [11] radio.
See also[edit]
References[edit]
- ^L-3 Communication Encryption Products
- ^ViaSat Information Assurance web page
- ^ViaSat KG-250
- ^ViaSat KG-255
- ^General Dynamics TACLANE Encryptor (KG-175)
- ^'Ectocrypt Blue by Cassidian, an EADS Company'. Archived from the original on 2013-11-07. Retrieved 2013-11-18.
- ^'CASSIDIAN unveils ECTOCRYP YELLOW'. September 2013. Archived from the original on 2013-11-18.
- ^Cisco Harris SWAT1 Solution
- ^Harris UK BID/2370 ECU
- ^'Harris KIV-54 (SECNET 54)'(PDF). Archived from the original(PDF) on 2013-10-30. Retrieved 2013-11-18.
- ^'Harris AN/PRC-117G'. Archived from the original on 2008-09-30. Retrieved 2008-10-05.
External links[edit]
Taclane 175d Manual User
Retrieved from 'https://en.wikipedia.org/w/index.php?title=High_Assurance_Internet_Protocol_Encryptor&oldid=942976510'
Datasheet
Extracted Text
®®TACLANE -Micro (KG-175D)TACLANE -Micro (KG-175D)TACLANE-Micro Specifications®lightest, compact, all-in-one HAIPE IS solutionCompact Size Environmental Management Perform locally via connected front console, 1U (EIA Standard) Operating Temp. -40°C to 60°CTACLANE-Micro is now certified and shipping (-40°F to 140°F) or remotely via CT or PT interfaceFeatures At A Glance: 1.61”H x 5.5”W x 10.85'D Storage Temp. -40°C to 71°C Local ManagementInteroperable with all HAIPE IS compliant TACLANE Web-based using standard browser (-40°F to 160°F) Up to 3 units mounted side-by-sidemodels in 19' rack Retains TACLANE menu structure and Humidity 95% non-condensingField tamper recoverable commandsBoth fiber and copper interfaces Weight 4.25 lbs MIL-STD 810 (Sand/Dust, Rain, Altitude, Front View Rear ViewOptional Remote Management Shock, Vibration) Fully ruggedized for tactical environments Standards-based SNMP v3AvailabilityOverview HAIPE IS v1.3.5 and crypto modernization compliant TACLANE-Micro is now certified and MIL-STD 167-1 (Vibration)® HAIPE IS, Standard and Enterprise MIBsTACLANE -Micro is the next generation High Assurance IP (HAIPE v3 via software upgrade) shipping. supported® MIL-STD 901D (Navy Hammer Shock)Encryptor Interoperability Specification (HAIPE IS) and PerformancePower Device can be managed by any HAIPE ISCrypto Modernization Compliant encryptor. Optimized for 200 Mb/s aggregate throughput MIL-STD 461E (Electromagnetic <30 Watts compliant manager Compatibility) both tactical and strategic environments, the TACLANE-Micro >23 SAs/sec minimizes set up time Up to 9 simultaneous remote managers is high-speed, compact and mobile. Available as a new unit, or Remote zeroize capability Lithium 3.6V for extreme environmentsTEMPEST In accordance with NSTISSAM TEMPEST/1-92 as a low cost trade-in for your TACLANE-Mini, Local or optional remote management with GEM X™Network Protocols User Replaceable Battery Level 1 ®2TACLANE-Classic, TACLANE-E100 or Sectéra INE, the IPv4/IPv6 Dual Stack Encryptor ManagerTACLANE-Micro is your high value, low cost solution.Altitude Low power (<30 Watts) Standard Alkaline AA Battery for benign IPv6 neighbor discovery and address Storage Sea level up to 40,000 ft2 environments resolution User replaceable batteryLightweight, Compact and Mobile Operating Sea level up to 15,000 ft Standard AA battery in benign environmentsThe small form factor is ideal for both tactical and desktop Ethernet Passively cooled via natural convectionLow latency and reset recovery for time critical Address Resolution Protocol (ARP)environments.Reliabilityapplications MIL-STD 461E EMI Compliant power supply 320,000 Hrs Mean Time Between Failure Internet Group Management Protocol (IGMP)Fully ruggedized for tactical environments (Ground fixed benign) includedOver the network software upgrade (v1/v2) Queries/reportsWeight 4.25 lbsWeb-based TACLANE HMISecurity Associations (SAs)Speed Internet Control Message Protocol (ICMP)Smallest full bandwidth encryptor available >23 SAs/secondAdd/change/delete static routes, fill Full bandwidth, 200 Mb/s aggregateOverall size is 1.61”H x 5.5”W x 10.85'D Path Maximum Transmission Unit (PMTU)key and perform software upgrades Supports large networks with 512 fully meshed Discovery Mount up to 3 units across in 1 standard 19' rack 10/100 Mb/s auto negotiation nodes simultaneouslywithout taking the TACLANE offline (full/half duplex) (1U in height including mounting shelf) HAIPE IS v1.3.5 Secure Dynamic Discovery Existing connections replaced as needed Passively cooled (no fans or moving parts)Standard Compliance Static routing 16,000 Hosts allocated over active security HAIPE IS v1.3.5Decrease Size and Increase Value: associations HAIPE IS v1.3.5 Internet Key Exchange (IKE)5 years of hardware and software warranty for both Crypto ModernizationKeysOver the Network Software Upgradetrade-in and new units 16 Traditional Pre-placed Keys (PPKs) Chains, Reprogram algorithms, protocols andInterfaces with up to 11 changeover keys per slot Seamless Communications Using IPv4/IPv6 Seamless Communications Using IPv4/IPv6Free 24 hours/day, 7 days/week Help Desk Support interfaces Cipher-Text (CT) and Plain-Text (PT) (load PPKs once a year)IPv6 capabilities will be available with HAIPE IS v3.02 software upgrade (1Q 2009).Throughput rates below are shown in aggregate.EnhancementsFuture Software Upgradeable Features: Supports PPKs, FIREFLY and Enhanced 10/100 Base-T electrical, RJ-45 connector VLAN Trunking FIREFLY keysIPv4/IPv6 Dual Stack, IM-PEPD and Foreign 100 FX, 1310nm Optical, LC connector Quality of Service (QoS)Interoperability via free HAIPE v3.02 software upgrade Low LatencySoldier Ideal for time delay critical applicationsServer3 (release expected to be submitted to NSA for Standard DS-101 Key Fill Port HAIPE IS Future Versions (VoIP and satellite) SATCOMFarmcertification 1Q 2009)1 Key Fill Bus Capability Over the Network Keying (OTNK)IPv4/IPv6 Does not exceed 100usec for <= 80 byte packetFuture HAIPE IS versions including Dynamic Discovery TACLANE-MicroCertifications Primary Power 12VDC 30 Watts and common Management Information Base (MIB) via (200 Mb/s)Reset Recovery IPv4/IPv6IPv4 TACLANE-Micro is NSA Certified to protect 60 Second setup, startup, and recovery fromover the network software upgrade information classified Top Secret Codeword IPv4/IPv6 Remote zeroize input power-onTACLANE-GigE and below.IPv4/IPv6(2 Gb/s)AvailabilityIPv4®Sectéra INETACLANE-Micro is offered for new installations or as a low IPv4/IPv6 IIPv4/IPv6 Pv4/IPv6(9 Mb/s) IPv6cost trade-in for your TACLANE-Mini, TACLANE-Classic, 1 Hardware in place for addition of feature IPv4/IPv6 IPv4/IPv6TACLANE-Router IPv6TACLANE-E100 or Sectéra INE. TACLANE-Micro is now TACLANE-Mini2Remotely Managed by: IPv6 available with HAIPE IS v3.02 via software upgrade (1Q 2009)(200 Mb/s)certified and shipping. (200 Mb/s encryption/decryption)Edge3 RouterIPv4/IPv6 IPv4/IPv6 Via software upgradeIPv4Training and Customer Support Dates are based on Calendar Year.TACLANEYou are never alone when you partner with General Dynamics Classic/E100Land (7+ Mb/s/164 Mb/s)Airto secure your critical information. With over 95,000 network Secure Communications: We Bring You What's NextIPv4encryptors deployed worldwide, General Dynamics is committed to support our customers. Classroom training is SeaINFOSEC 77 A Street, Needham, MA 02494-2806 USAavailable as well as 24/7 Help Desk support. Phone: 781-455-2800 Toll-free: 888-Type1-4-U (888-897-3148) Fax: 781-455-5555E-mail: [email protected] Web site: www.gdc4s.com/secureproducts©2008 General Dynamics. All rights reserved. TACLANE, Sectéra and GEM X are trademarks of General Dynamics. HAIPE is a registered trademark of the National Security Agency. All other product and service names are the property of their respective owners. Reg. U.S. Pat. & Tm. Off. General Dynamics reserves the right to make changes in its products and speciŢcations at anytime and without notice. The Type 1 encryption provided by the TACLANE is part of the Department of Defense, Defense in Depth strategy. Type 1 encryption is only one portion of the overall defense in depth. A comprehensive network Information Assurance strategy involving Defense in Depth is required to ensure secure and reliable protection for sensitive and classiŢed information. GDC4SE 01/07/08®®TACLANE -Micro (KG-175D)TACLANE -Micro (KG-175D)TACLANE-Micro Specifications®lightest, compact, all-in-one HAIPE IS solutionCompact Size Environmental Management Perform locally via connected front console, 1U (EIA Standard) Operating Temp. -40°C to 60°CTACLANE-Micro is now certified and shipping (-40°F to 140°F) or remotely via CT or PT interfaceFeatures At A Glance: 1.61”H x 5.5”W x 10.85'D Storage Temp. -40°C to 71°C Local ManagementInteroperable with all HAIPE IS compliant TACLANE Web-based using standard browser (-40°F to 160°F) Up to 3 units mounted side-by-sidemodels in 19' rack Retains TACLANE menu structure and Humidity 95% non-condensingField tamper recoverable commandsBoth fiber and copper interfaces Weight 4.25 lbs MIL-STD 810 (Sand/Dust, Rain, Altitude, Front View Rear ViewOptional Remote Management Shock, Vibration) Fully ruggedized for tactical environments Standards-based SNMP v3AvailabilityOverview HAIPE IS v1.3.5 and crypto modernization compliant TACLANE-Micro is now certified and MIL-STD 167-1 (Vibration)® HAIPE IS, Standard and Enterprise MIBsTACLANE -Micro is the next generation High Assurance IP (HAIPE v3 via software upgrade) shipping. supported® MIL-STD 901D (Navy Hammer Shock)Encryptor Interoperability Specification (HAIPE IS) and PerformancePower Device can be managed by any HAIPE ISCrypto Modernization Compliant encryptor. Optimized for 200 Mb/s aggregate throughput MIL-STD 461E (Electromagnetic <30 Watts compliant manager Compatibility) both tactical and strategic environments, the TACLANE-Micro >23 SAs/sec minimizes set up time Up to 9 simultaneous remote managers is high-speed, compact and mobile. Available as a new unit, or Remote zeroize capability Lithium 3.6V for extreme environmentsTEMPEST In accordance with NSTISSAM TEMPEST/1-92 as a low cost trade-in for your TACLANE-Mini, Local or optional remote management with GEM X™Network Protocols User Replaceable Battery Level 1 ®2TACLANE-Classic, TACLANE-E100 or Sectéra INE, the IPv4/IPv6 Dual Stack Encryptor ManagerTACLANE-Micro is your high value, low cost solution.Altitude Low power (<30 Watts) Standard Alkaline AA Battery for benign IPv6 neighbor discovery and address Storage Sea level up to 40,000 ft2 environments resolution User replaceable batteryLightweight, Compact and Mobile Operating Sea level up to 15,000 ft Standard AA battery in benign environmentsThe small form factor is ideal for both tactical and desktop Ethernet Passively cooled via natural convectionLow latency and reset recovery for time critical Address Resolution Protocol (ARP)environments.Reliabilityapplications MIL-STD 461E EMI Compliant power supply 320,000 Hrs Mean Time Between Failure Internet Group Management Protocol (IGMP)Fully ruggedized for tactical environments (Ground fixed benign) includedOver the network software upgrade (v1/v2) Queries/reportsWeight 4.25 lbsWeb-based TACLANE HMISecurity Associations (SAs)Speed Internet Control Message Protocol (ICMP)Smallest full bandwidth encryptor available >23 SAs/secondAdd/change/delete static routes, fill Full bandwidth, 200 Mb/s aggregateOverall size is 1.61”H x 5.5”W x 10.85'D Path Maximum Transmission Unit (PMTU)key and perform software upgrades Supports large networks with 512 fully meshed Discovery Mount up to 3 units across in 1 standard 19' rack 10/100 Mb/s auto negotiation nodes simultaneouslywithout taking the TACLANE offline (full/half duplex) (1U in height including mounting shelf) HAIPE IS v1.3.5 Secure Dynamic Discovery Existing connections replaced as needed Passively cooled (no fans or moving parts)Standard Compliance Static routing 16,000 Hosts allocated over active securityPrice: $9,900 each HAIPE IS v1.3.5Decrease Size and Increase Value: associations HAIPE IS v1.3.5 Internet Key Exchange (IKE)Trade-in Option: $7,950 (currently direct sales only)5 years of hardware and software warranty for both Crypto ModernizationKeysOver the Network Software Upgradetrade-in and new units 16 Traditional Pre-placed Keys (PPKs) Chains, Reprogram algorithms, protocols andInterfaces with up to 11 changeover keys per slot Seamless Communications Using IPv4/IPv6 Seamless Communications Using IPv4/IPv6Free 24 hours/day, 7 days/week Help Desk Support interfaces Cipher-Text (CT) and Plain-Text (PT) (load PPKs once a year)IPv6 capabilities will be available with HAIPE IS v3.02 software upgrade (1Q 2009).Throughput rates below are shown in aggregate.EnhancementsFuture Software Upgradeable Features: Supports PPKs, FIREFLY and Enhanced 10/100 Base-T electrical, RJ-45 connector VLAN Trunking FIREFLY keysIPv4/IPv6 Dual Stack, IM-PEPD and Foreign 100 FX, 1310nm Optical, LC connector Quality of Service (QoS)Interoperability via free HAIPE v3.02 software upgrade Low LatencySoldier Ideal for time delay critical applicationsServer3 (release expected to be submitted to NSA for Standard DS-101 Key Fill Port HAIPE IS Future Versions (VoIP and satellite) SATCOMFarmcertification 1Q 2009)1 Key Fill Bus Capability Over the Network Keying (OTNK)IPv4/IPv6 Does not exceed 100usec for <= 80 byte packetFuture HAIPE IS versions including Dynamic Discovery TACLANE-MicroCertifications Primary Power 12VDC 30 Watts and common Management Information Base (MIB) via (200 Mb/s)Reset Recovery IPv4/IPv6IPv4 TACLANE-Micro is NSA Certified to protect 60 Second setup, startup, and recovery fromover the network software upgrade information classified Top Secret Codeword IPv4/IPv6 Remote zeroize input power-onTACLANE-GigE and below.IPv4/IPv6(2 Gb/s)AvailabilityIPv4®Sectéra INETACLANE-Micro is offered for new installations or as a low IPv4/IPv6 IIPv4/IPv6 Pv4/IPv6(9 Mb/s) IPv6cost trade-in for your TACLANE-Mini, TACLANE-Classic, 1 Hardware in place for addition of feature IPv4/IPv6 IPv4/IPv6TACLANE-Router IPv6TACLANE-E100 or Sectéra INE. TACLANE-Micro is now TACLANE-Mini2Remotely Managed by: IPv6 available with HAIPE IS v3.02 via software upgrade (1Q 2009)(200 Mb/s)certified and shipping. (200 Mb/s encryption/decryption)Edge3 RouterIPv4/IPv6 IPv4/IPv6 Via software upgradeIPv4Training and Customer Support Dates are based on Calendar Year.TACLANEYou are never alone when you partner with General Dynamics Classic/E100Land (7+ Mb/s/164 Mb/s)Airto secure your critical information. With over 95,000 network Secure Communications: We Bring You What's NextIPv4encryptors deployed worldwide, General Dynamics is committed to support our customers. Classroom training is SeaINFOSEC 77 A Street, Needham, MA 02494-2806 USAavailable as well as 24/7 Help Desk support. Phone: 781-455-2800 Toll-free: 888-Type1-4-U (888-897-3148) Fax: 781-455-5555E-mail: [email protected] Web site: www.gdc4s.com/secureproducts©2008 General Dynamics. All rights reserved. TACLANE, Sectéra and GEM X are trademarks of General Dynamics. HAIPE is a registered trademark of the National Security Agency. All other product and service names are the property of their respective owners. Reg. U.S. Pat. & Tm. Off. General Dynamics reserves the right to make changes in its products and speciŢcations at anytime and without notice. The Type 1 encryption provided by the TACLANE is part of the Department of Defense, Defense in Depth strategy. Type 1 encryption is only one portion of the overall defense in depth. A comprehensive network Information Assurance strategy involving Defense in Depth is required to ensure secure and reliable protection for sensitive and classiŢed information. GDC4SE 01/07/08