AN-80i User Manual
70-00072-01-10 Proprietary Redline Communications © 2011 Page 119 of 152 March 2, 2011
specifies a cryptographic algorithm for use by U.S. Government organizations to protect
sensitive information. The AES block cipher has been ratified as a standard by National
Institute of Standards and Technology of the United States (NIST).
The AN-80i also supports a Redline engineered proprietary encryption scheme based on
private-key proprietary algorithms. The proprietary encryption system supported in the
AN-80i PTP uses a 64-bit private-key stream cipher that is changed every wireless data
block. Keys are generated using the proprietary algorithm that can generate up to 2^48
distinct independent sequences of keys.
8.1.3 Management Security
The AN-80i includes security mechanisms for device management.
- TLS 1.0 for HTTPS for secure Web access
- SSH v2 for secure command line operation
- SNMP v3 with AES support
- Digitally-signed software upgrade files
- FIPS mode allows only FIPS-approved cryptographic algorithms
8.1.4 Physical Security
The Redline AN-80i is enclosed in a weatherproof aluminum alloy case. The module's
enclosure is sealed using tamper-evident labels, which prevent the case covers from
being removed without signs of tampering.
The security of the AN-80i system is further increased by the following factors:
- Stream cipher cannot be reverse-engineered -- even by destroying the equipment
- Key generation algorithm cannot be reverse-engineered -- even by destroying the equipment
- MAC address of a system cannot be changed without damaging the equipment
- Two communicating AN-80i systems detecting they have the same MAC address will immediately shut down
Important Security Guidelines:
1. Store encryption keys and certificate information in a secure location.
2. Always use secure transfer (e.g., SSH or SSL) when working with encryption keys
and certificates.
3. It is recommended to use the AN-80i local Ethernet port to transfer encryption keys
and certificates, or sftp if loading certificates or keys across an open network.