CN9000 Series
100Gbps High Assurance
Mega Data Encryptor
Delivering 100,000,000,000 bits per second of high-assurance data encryption, the Thales CN9120 Network Encryptor provides data security (100 Gbps) and high speed network performance with ultra-low latency (<2 μS). Safeguard data in motion with high speed encryption proven to meet network performance demands for real-time low latency and near-zero overhead, ensuring security without compromise for big, or even data transmitted over networks across data centers and the cloud.
The CN9000 Series Ethernet Encryptors from Thales CPL are available for sale to the U.S. Federal Government exclusively through Thales TCT.
Use Cases
- Big Data Applications
- Data Center Interconnect
- ‘Mega Data’ Campus Network Environments
- Cloud Computing Services ‘Backbones’
- Aggregating High-Speed Network Links
- Large Scale, MAN and WAN Security
-
Encryptors At-A-Glance
Key Features
Model CN9120 Maximum Speed 100Gbps Support for Jumbo frames ✓ Protocol and application transparent ✓ Encrypts Unicast, Multicast and Broadcast traffic ✓ Automatic network discovery and connection establishment ✓ Network and local interface – SR4, LR4, ER4(lite) links (up to 40kms) QSFP28 Tamper resistant and evident enclosure, anti-probing barriers ✓ Flexible encryption policy engine ✓ Automatic key management ✓ AES 256 bit keys ✓ Encryption mode CTR Policy based on MAC address or VLAN ID ✓ Self-healing key management in the event of network outages ✓ FIPS 140-2 Level 3, DODIN APL ✓ Low overhead full duplex line-rate encryption ✓ FPGA based architecture ✓ Latency (microseconds per encryptor) <2 μS Front panel access for all interfaces ✓ Remote management using SNMPv3 (in-band and out-of-band) ✓ NTP (time server) support ✓ Centralized configuration and management using SMC/ CM7 and SNMPv3 ✓ Support for external (X.509v3) CAs ✓ CRL and OCSP (certificate) server support ✓ In-field firmware upgrades ✓ Dual hot-swappable AC power supplies ✓ User replaceable fans and batteries—dual redundancy ✓ Interoperable with all CN Series Encryptors ✓ Transport Independent Mode ✓ -
Resources
CN9120 Product Brief
Product overview with technical features and specifications.
White Paper: Security Weaknesses in Data in Motion Identified in Cybersecurity SurveyA global research report of IT and cybersecurity decision-makers highlights serious concerns about the security of data in motion across networks. White Paper: In Control at Layer 2 A Tectonic Shift in Network Security
Organizational espionage is real and set to intensify, contributing to a shift to the more efficient encryption of sensitive traffic at Layer 2. Compared to IPSec (Layer 3), Layer 2 secure encryption can boost network performance by up to 50%. This paper outlines the shift, and looks at the drivers and benefits of Layer 2 encryption.White Paper: Network Independent Encryption
First introduced to the CV Series virtualized encryption range in 2018, Thales Network Independent Encryption is now available for the CN Series of hardware encryption devices. It enables concurrent, policy-based multi-layer encryption for modern Ethernet and Internet protocol architecture.White Paper: Securing SD-WAN - End-to-End Encryption Solutions
This White Paper analyses the threats that organizations deploying SD-WAN face, explains why data in motion should be encrypted and offers guidance on choosing the right encryption solution.White Paper: High Speed Encryption Solutions Across MPLS Networks
High Speed Encryptors provide the optimal, most efficient means of encrypting data across modern metro or wide area Ethernet networks. By encrypting the payload of Ethernet traffic, sensitive data (including all IP addresses) is kept completely private whilst the frame headers are left unencrypted so that traffic can still be switched across the network. Although HSEs are designed for use across layer 2 networks such as metro or carrier Ethernet services, they can also be effectively deployed across layer 3 MPLS or IP/VPN environments. Download this white paper to learn more.White Paper: MACsec For WAN And High Assurance Encryptors: Network Security Comparisons
This paper seeks to highlight the differences between purpose-built high-assurance encryptors and MACsec for WAN solutions; helping customers make informed decisions about what solution type best meets their specific security, performance and operational requirements. The section overleaf provides a security feature comparative table.eBook: High Speed Ethernet WAN eBook
This eBook discussed how Thales enables you to implement a totally secure, full performance, high speed Ethernet WAN, ensuring your data is secure.Ethernet WAN Encryption Solutions Compared White Paper
This White Paper describes the comparative security and performance benefits of Ethernet WAN data security solutions. We compare the benefits of SafeNet Layer 2 high speed encryption hardware with integrated encryption using MACsec or TrustSec.Traffic Flow Security White Paper
As the old saying goes, “loose lips sink ships”. For today’s enterprises, it is network metadata doing the talking—and a lot of potentially dangerous entities are listening. This paper looks at the risks that metadata can pose to many organizations, and it reveals how transmission security can be used to create a safeguard against nefarious network traffic analysis.
On Demand Webinar: The Future of Encrypting Network Data
Thales Trusted Cyber Technologies, offers a network security solution that provides high-assurance data protection; dedicated encryption devices from 100Mbps to 100Gbps, support for multiple network and protocol configurations, secure key management, and authenticated end-to-end encryption.On Demand Webinar: Best Practices for Data in Transit Encryption In this webinar, attendees learned about the best practices for data in transit encryption. Attendees also learned how to efficiently and effectively protect their network traffic in order to safeguard it from threats.