The CN4000 series is the ideal low-cost, high-performance encryptor range for small agencies. They also enable an ideal cost effective “encrypt everywhere” solution for large agencies.
The CN4000 series encryptors help ensure that no organization – large or small – need risk costly network data breaches.
The CN4000 series of encryptors deliver cutting edge protection of data, voice and video communications – without compromising network performance. Despite their compact “modem ” form-factor and small footprint, CN4000 encryptors deliver the same world-leading CN encryption platform’s high-assurance data protection and performance benefits. Valuable CN encryptor benefits, such as zero network impact, near-zero latency, simple implementation and 100% interoperability are all delivered by the CN4000 encryptors.
A compact “desktop” device, CN4000 encryptors are also designed to be the optimal entry-level solutions.
The CN4000 Series from Thales CPL is available for sale to the U.S. Federal Government exclusively through Thales TCT.
- CN4010 Ethernet Encryptor: Compact encryptor for distributed computing environments and branch office locations with an electrical Ethernet interface (RJ- 45), featuring variable speed licenses up to 1 Gbps.
- CN4020 Ethernet Encryptor: Provides optical Ethernet interface encryption in a versatile, compact platform for a range of Fibre to the x (FTTx) configurations up to 1 Gbps.
Key Features
| Model | CN4010 | CN4020 |
|---|---|---|
| Maximum Speed | 1Gbps | 1Gbps |
| Physical encryption channels | 1 | 1 |
| Protocol and application transparent | ✓ | ✓ |
| DoDIN APL certified | ✓ | ✓ |
| FIPS 140-2 L3 certified | ✓ | ✓ |
| Low overhead full duplex line-rate encryption | ✓ | ✓ |
| Ultra-low latency for high performance | ✓ | ✓ |
| Support for external (X.509v3) CAs | ✓ | ✓ |
| Network interfaces | RJ45 | SFP* |
| Robust AES encryption algorithm | ✓ | ✓ |
| AES 128 or 256bit keys | 128/256 | 128/256 |
| CRL and OCSP server support | ✓ | V |
| Automatic key management | ✓ | ✓ |
| Flexible encryption policy engine | ✓ | ✓ |
| Encrypts Unicast, Multicast and Broadcast traffic | ✓ | ✓ |
| Policy based on MAC address or VLAN ID | ✓ | ✓ |
| Support for Jumbo frames | ✓ | ✓ |
| Self-healing key management in the event of network outages | ✓ | ✓ |
| Per packet confidentiality and integrity with AES-GCM encryption* | ✓ | ✓ |
| Smart network discovery and automatic connection establishment | ✓ | ✓ |
| Centralized configuration and management using Senetas CM7 | ✓ | ✓ |
| Remote management using SNMPv3 (in-band and out-of-band) | ✓ | ✓ |
| FPGA based cut-through architecture | ✓ | ✓ |
| Tamper resistant and evident enclosure | ✓ | ✓ |
| Fully interoperable with related CN/CS/SEE models | ✓ | ✓ |
| Transport Independent Mode | ✓ | ✓ |
