Thales TCT is pleased to announce the release of High Speed Encryption (HSE) Firmware (FW) V5.1. Continuing our commitment to provide innovative products that meet our customers’ security needs, HSE FW 5.1 contains a number of customer requested enhancements, product maintenance items, and documentation improvements.
Thales TCT recommends that all HSEs be updated to the V5.1 firmware as soon as possible. The V5.1 is not backward compatible with prior versions of code but provides extensive feature advancements, updates to meet the latest security standards, and address critical known issues as outlined below. Thales TCT will still offer HSE FW V 2.7.1 to customers who require previous versions of code.
The V5.1 firmware release introduces Transport Independent Mode (TIM) which provides network independent encryption allowing customers to secure data in motion at layer 2, 3, or 4. In addition to the TIM enhancement, 100G Forward Error Correction (FEC) and GCM mode, and support for EQKD were added. Please refer to the Customer Release Note (CRN) and Users Guide for a full list of features now available.
Security Standard Updates
V5.1 firmware meets the latest NIST guidance set out in the Transitioning the Use of Cryptographic Algorithms and Key Lengths publication (SP800-131A). These updates to the V5.1 firmware render it inoperable with any prior version. It is recommended that all fielded units be upgraded to Firmware V5.1 to meet the latest NIST guidance and to ensure interoperability within the network. Please see the Release Notes for further details on interoperability and upgrade caveats.
Known Issue/Bug Fix
The HSE software library requires modification in order to address an undesired function. The fix removes an authentication mechanism whereby self-signed encryptor certificates may be accepted during session establishment. The change reduces the scope of accepted certificates, but does not alter the underlying security or cryptographic mechanism. Patches are available via Thales TCT customer support to address this issues.To learn more about high speed encryption, visit www.thalestct.com/hse.
The SafeNet Ethernet Encryptor CN6140 is now available for sale to the U.S. Federal Government. The CN6140 is a multi-port (1 or 10 Gbps), high-assurance encryptor designed to provide up to 40 Gbps (4x10), full line rate transparent encryption for all voice, video, and data communications moving across dark fiber, and metro or wide area Ethernet networks (MAN or WAN).
5.0.1 Firmware Release
In addition to the new hardware appliance, a firmware update is available for all HSE appliances and includes the following new features and enhancements:
Note: Firmware is not backwards compatible due to changes in support of new NIST requirements.
Download the resources below to learn more about the SafeNet Ethernet Encryptor CN6140
The SafeNet Virtual Encryptor CV1000 is now available for sale to the U.S. Federal Government. The CV1000, the first hardened virtual encryptor, is designed for extended WANs and SD-WANs. The CV1000 delivers robust encryption security for data-in-motion across high speed carrier WAN links up to 5 Gbps.
The CV1000 uses Network Function Virtualization (NFV). NFV enables organizations to programmatically define and execute the services that run on networks. NFV infrastructures are comprised of virtual network functions (VNF), the components that deliver specific services. The CV1000 is a VNF that delivers flexibility, scalability and responsiveness while reducing capital expenditure requirements.
Virtualized encryption provides organizations with an operational and expense friendly alternative to using a hardware appliance for securing data in motion across networks and meeting security and compliance requirements.
Download the resources below to learn more about the SafeNet Virtual Encryptor CV1000:
SafeNet AT is announcing End-of-Sale and Last Time Buy opportunities for SafeNet Multilink Encryptor CN8000, 5X10GBPS With Chassis, 8002 Cards, SafeNet Multilink Encryptor, CN8000, 10X10GBPS With Chassis, 8002 Card, and CN8000 interface card 8002 (Ethernet ONLY).
We encourage our customers to transition to the SafeNet Multilink Encryptor CN8000 with 8003 Cards, a best-in-class high-assurance encryption solution providing maximum security and performance, and certified to the highest security standards. SafeNet High Speed Encryptors (HSE) ensure the most secure data-in-motion protection, maximum performance, near-zero overhead with “set and forget” management, and lowest total cost of ownership.
Limited quantities remain; products are available on a first-come, first-served basis.
Maintenance will be available for renewal through January 1, 2020
Ethernet Platforms for End-of-Sale:
The following are key dates in the End-of-Sale process:
The following is a list of HSE part numbers affected by this announcement, including, but not limited to, the part numbers listed below:
As of July 1, 2018, SafeNet AT is announcing End-of-Sale and last time buy opportunities for the SafeNet Ethernet Encryptor CN6040. We encourage our customers to transition to the SafeNet High Speed Encryptor CN6010. The CN series encryptors offer best-in-class high-assurance encryption solutions, providing maximum security and performance, and certified to the highest security standards. SafeNet High Speed Encryptors ensure the most secure data-in-motion protection, maximum performance, near-zero overhead with “set and forget” management, and lowest total cost of ownership. This notice does not affect SafeNet Fiber Channel Encryptor CN6040.
Ethernet Platforms for End-of-Sale
Key Dates in the End-of-Sale Process:
The following is a list of HSE part numbers affected by this announcement:
Customers using these products are encouraged to migrate to the SafeNet Ethernet Encryptor CN6010.
The first choice for Layer 2 encryption, SafeNet High Speed Encryptors from SafeNet AT are field proven to secure data in transit including time-sensitive voice and video streams, as well as metadata for enterprise and government organizations, defense agencies, global financial transactions networks, and the world’s biggest cloud services providers. The SafeNet CN4000, CN6000, CN8000, and CN9000 Series Encryptors help organizations encrypt an even broader range of network traffic across more location types – from the data center to branch offices, and up to the cloud and back at speeds from 10 Mbps to 100 Gbps.