The CN4000 series is the ideal low-cost, high-performance encryptor range for small agencies. They also enable an ideal cost effective “encrypt everywhere” solution for large agencies.
The CN4000 series encryptors help ensure that no organization – large or small – need risk costly network data breaches.
The CN4000 series of encryptors deliver cutting edge protection of data, voice and video communications – without compromising network performance. Despite their compact “modem ” form-factor and small footprint, CN4000 encryptors deliver the same world-leading CN encryption platform’s high-assurance data protection and performance benefits. Valuable CN encryptor benefits, such as zero network impact, near-zero latency, simple implementation and 100% interoperability are all delivered by the CN4000 encryptors.
A compact “desktop” device, CN4000 encryptors are also designed to be the optimal entry-level solutions.
The CN4000 Series from Thales CPL is available for sale to the U.S. Federal Government exclusively through Thales TCT.
- CN4010 Ethernet Encryptor: Compact encryptor for distributed computing environments and branch office locations with an electrical Ethernet interface (RJ- 45), featuring variable speed licenses up to 1 Gbps.
- CN4020 Ethernet Encryptor: Provides optical Ethernet interface encryption in a versatile, compact platform for a range of Fibre to the x (FTTx) configurations up to 1 Gbps.
Key Features
Model | CN4010 | CN4020 |
---|---|---|
Maximum Speed | 1Gbps | 1Gbps |
Physical encryption channels | 1 | 1 |
Protocol and application transparent | ✓ | ✓ |
DoDIN APL certified | ✓ | ✓ |
FIPS 140-2 L3 certified | ✓ | ✓ |
Low overhead full duplex line-rate encryption | ✓ | ✓ |
Ultra-low latency for high performance | ✓ | ✓ |
Support for external (X.509v3) CAs | ✓ | ✓ |
Network interfaces | RJ45 | SFP* |
Robust AES encryption algorithm | ✓ | ✓ |
AES 128 or 256bit keys | 128/256 | 128/256 |
CRL and OCSP server support | ✓ | V |
Automatic key management | ✓ | ✓ |
Flexible encryption policy engine | ✓ | ✓ |
Encrypts Unicast, Multicast and Broadcast traffic | ✓ | ✓ |
Policy based on MAC address or VLAN ID | ✓ | ✓ |
Support for Jumbo frames | ✓ | ✓ |
Self-healing key management in the event of network outages | ✓ | ✓ |
Per packet confidentiality and integrity with AES-GCM encryption* | ✓ | ✓ |
Smart network discovery and automatic connection establishment | ✓ | ✓ |
Centralized configuration and management using Senetas CM7 | ✓ | ✓ |
Remote management using SNMPv3 (in-band and out-of-band) | ✓ | ✓ |
FPGA based cut-through architecture | ✓ | ✓ |
Tamper resistant and evident enclosure | ✓ | ✓ |
Fully interoperable with related CN/CS/SEE models | ✓ | ✓ |
Transport Independent Mode | ✓ | ✓ |