CN6000 Series Encryptors – rack-mounted, carrier-grade encryption

CN6100The CN6000 Series encryptors provide highly secure, full line-rate transparent encryption for data in transit across both dark fiber and metro / wide area Ethernet networks; in point-to-point, hub & spoke or meshed environments.

The CN6000 Series are rack-mounted, network encryptors for mission-critical applications; offering 1Gbps to 10Gbps bandwidth speeds. They are the optimal choice when you require:

  • Efficient, investment-proof data encryption
  • Multi-purpose, in-field upgradable and flexible hardware
  • Choice of Common Criteria,and FIPS certifications
  • Compact 1U form factor with advanced performance and power features.

The CN6000 Series encryptors include integrated support for  KeySecure for Government, a centralized key management platform. KeySecure for Government provides simple and secure encryption key management across the entire lifecycle; including key generation, storage, distribution and deletion.

CN6000 Series Encryptors from Thales CPl are available for sale to the U.S. Federal Government exclusively through Thales TCT.

CN6010 Product Brief
CN6100 Product Brief
CN6140 Product Brief

Key Features

Model CN6010 CN6100 CN6140
Maximum Speed 1Gbps 10Gbps 40Gbps
Ethernet point-to-point, hub & spoke, mesh full-duplex encryption
Protocol and application transparent
FIPS 140-2 L3 certified
Low overhead full duplex line-rate encryption
Ultra-low latency for high performance
Support for external (X.509v3) CAs
Robust AES encryption algorithm
CRL and OCSP server support
Automatic key management
Flexible encryption policy engine
Encrypts Unicast, Multicast and Broadcast traffic
Network interfaces RJ45 SFP XFP SFP
Policy based on MAC address or VLAN ID
Support for Jumbo frames
Self-healing key management in the event of network outages
Per packet confidentiality and integrity with AES-GCM encryption*
Fibre Channel point-point encryption N/A N/A N/A
Automatic network discovery and connection establishment
Centralized configuration and management using CM7 and SMC
AES 128 or 256 bit keys 128/256 128/256 128/256
Remote management using SNMPv3 (in-band and out-of-band)
FPGA based cut-through architecture
Tamper resistant and evident enclosure
Anti-probing barriers
Dual swappable AC or DC power supplies
Flexible encryption policy engine
User replaceable fans and battery module
Fully interoperable with related CN/CS models
Transport Independent Mode