UT-6600 - Encrypted Ethernet Tunnel

---

Encrypted Ethernet Tunnel with Ethernet and Serial Ports

A member of the UT Encrypted Ethernet Tunnel Family UT-6600 is industrial rated -40 to +70 C Other Compatible products include all UT and XT family devices AC and DC power supply options Two Ethernet ports: 10BaseT, 10/100BaseT UT-6600: Two asynchronous PPP serial RS232 ports UT-6690: Two asynchronous PPP serial ports, one RS232 and one dial-modem Each port is independent Easy to setup and maintain Host unit supports at least 8 simultaneous remote locations Set unit up as host or user device Extensive statistics logging and diagnostic tools Tunnels all Ethernet protocols, not just IP Multicast Tunnel - Tunnels multicast protocol ROIP Tunnel - Tunnels Voice and Radio over IP links AES encryption Ethernet to Ethernet or Ethernet to serial (serial for secure PPP dialup) Link LAN to LAN or remote computer dial-in Remote devices appear to be on the local network Compact size, Stand-alone or Rack Mounting Bridges 802.1Q tagged V-LAN trunks Extensive filtering on MAC, IP, and Protocol All UT and XT family products interoperate... From dial-up to gigabit interface models Compatible with software clients using UT-Soft on remote PCs.

UT-6600 Front View UT-6600 Rear View

Features Description Specifications How To Order General Indicators (front panel) Controls Physical/Electrical APPLICATION Notes & Manual

Common Applications Utilities – Gas and oil production, pipelines, electric generation, transmission and distribution Retail – Stores, kiosks, credit card machines --- especially those using wireless links Law Enforcement – Small remote offices Medical – AES encryption of the UT-6600 meets HIPAA requirement for securing data over open networks such as the Internet. The medical industry is mandated by HIPAA to meet HIPAA privacy and security requirements over open networks. Real Estate – Connecting to and updating the database of listed homes. Field sales personnel working out of the home, hotel rooms wired for high speed Internet access. Financial industry – Additional security on internal corporate links, branch offices, ATM machines, key personnel remote secure access. Remote office with more than one device, with the UT-6600 shared with switch or hub. Added security within a large corporate network Office to Home 2 nets at each end, bridged via the Internet IoT and Remote network monitoring via the Internet

DESCRIPTION

The UT-6600 is an industrial temperature rated Internet Appliance for creating encrypted Ethernet tunnels. It features two serial ports and two Ethernet LAN ports. It is compatible with all UT and XT family products.

The UT-6600 encrypts data between private networks using the public Internet or any other network as the transport.

The UT series uses AES encryption. AES is the US Government standard, selected using an open selection process, to replace DES and 3DES encryption.

Most UT and XT family products contain Ethernet interfaces only. The UT-6600 has both Ethernet and serial PPP connections.

UT-6600 units can be connected Ethernet to Ethernet or serial to serial. The serial connection can also be used as an automatic fall-back connection should the Ethernet fail.

The UT series operates through firewalls with only one port of your choice opened. It bridges all Ethernet protocols including IPX, IP, Netbuei, and other proprietary protocols.

The UT series is straight-forward, easy to configure and maintain. The UT series has state-of-the-art AES encryption security without the configuration complexity of a traditional VPN. It's a simple, hardware based VPN.

All UT ans XT family products interoperate. All may be configured as a partner with any other units. For example, the lower cost UT-6600 or UT-3302 models are often used as partners with the high performance UT-6602, XT-series encrypters. The higher performance units are often used with hundreds of client locations, high performance VOIP, and complex networks.

The UT-Soft software allows any Windows PC to become a stand-alone client without the need for client hardware. It's ideal for ad-hoc laptop and tablet connections via the untrusted network.

For encryption of serial RS-232 links not involving ethernet or IP, see our SE-6600 product line.

For higher performance up to gigabit level, see our high performance XT product line.

Due to the encryption employed in these products, our encryption products are export controlled items and are regulated by the Bureau of Industry and Security (BIS) of the U.S. Department of Commerce. The UT-6600 and UT-6690 are classified as mass market encryption devices and may not be exported or shipped for re-export to restricted countries in Country Group E:1. They are shippable to most other countries.

If TCP/IP transport is required over a PPP link instead of UDP/IPover a PPP link, use the ET-6600 or ET-6690. The only difference between the two models is the IP protocol used between them.

SPECIFICATIONS

General

Two asynchronous RS-232 serial ports for PPP connections:

•  DE-9P (PC-9pin) connectors
•  Speeds to 230 Kbps
•  Or one V.90 Modem and one RS-232 port

Two Ethernet ports:

•  One 10/100BaseT
•  One 10BaseT

Protocol Features:

• AES encryption
• Auto-Disconnect timers
• Web browser configuration and management from local trusted interface
• Default IP address: 192.168.0.1
• Initial setup via local serial terminal
• Supports 802.1Q VLAN
• Extensive filtering on MAC, IP, and Protocol
• PPP connection via serial ports
• UT-6600 uses UDP/IP between units
• ET-6600 uses TCP/IP betwen units

Performance:

• Throughput of 700 kbps with AES encryption
• Throughput of 3 Mbps with software encryption configured off
• For higher performance, see the entire UT or XT product line

Indicators

• Front - Power, Status, port activity (2)
  
• Rear – LAN connection (2), LAN activity (2)
  

Controls   (DIP switch:)

•   Setup (initial setup using serial terminal)
•   Reset

Physical/Electrical

• Power requirements: 9 VDC, 600 ma standard
• 12, 24, 48, 125 VDC and 240 VAC options are available
• Supplied with 120 VAC external power supply
• 4 ¼ W x 5 ½ D x 1 ¾ H
• One pound

Environmental

• Operational Temperature: -40 to +70 C
• Storage Temperature: -50 to +75 C
• Humidity: <95% Non-condensing
• Power Supply Options may affect temperature specifications

APPLICATIONS

Download a copy of the manual.

Just The Facts, Please.

Read the encryptor FAQ for quick answers to questions others have asked. Just click here.

---

Quick-start guide to the XT family products.

This application note guides the new XT user from opening the boxes to having a working encrypted tunnel between two XT units on a test bench. Step-by-step instructions make it quick and painless to learn the configuration process. Uses the XT-hEX as an example, but also covers other XT products.

Troubleshooting guide for the above Quick-start.

If it didn't go well and doesn't immediately work, this guide offers some troubleshooting hints. Most people won't need this, but it's here if you do.

What Do Those Tunnel Log Entries Mean?

When analyzing logs from DCB Tunnels (XT, UT, ET, and FT), there are often log entries that are surprising to the new user. We discuss those here.

Configuring the LAN3 on the XT-hEX, a Quick-start guide.

Most people won't need this, but if you want to use the third LAN port on the XT-hEX, this information will help you configure it.

All DCB ethenet encryptors operate similarly, with differences being in the protocols, capabilities, and authentication methods. Since the topology is comparable for all of them, we show application notes for all these products together.

DCB's Encryption Product Export Statement

Some of our encryption products are export controlled items and are regulated by the Bureau of Industry and Security (BIS) of the U.S. Department of Commerce. Some are classified as mass market encryption devices and may not be exported or shipped for re-export to restricted countries in Country Group E:1. They are exportable to most other countries. Read our Encryption Product Export Statement here for more specifics.

Using XT Tunnels with IP Radio Dispatch Systems.

Radio installers rely on DCB tunnel products to implement secure networks for mission critical applications. DCB Encryptors (XT, UT, and ET roducts) enable IP dispatching across multiple networks. They remove the multi-cast problem faced in many IP network installations so are frequently used along with Telex, Motorola, Kenwood, Harris, Zetron, AVTEC, and other two-way radio consoles. This document describes some of those techniques with examples we've seen at PSAPs and other dispatch centers.

Tunnel Product Security In Perspective.

Our encrypted tunnel appliances provides a LAN -to- LAN encrypted tunnel between locations. It employs a layer three (UDP/IP or TCP/IP) connection between two or more tunnel devices to create a secure, AES encrypted tunnel. For export purposes, the Some models are considered a Mass Market Encryption Device by the Department of State Bureau of Industrial Security and are export limited.

This product line meets HIPPA and most government standards for non-classified data transfer. However, it is not NIST FIPS 140-2 approved. For a FIPS 140 approved product, the (more expensive) FT line of encryption appliances is required. This note discusses the security implications of using our encrypted tunnels.

Redundancy Techniques Using DCB Tunnel Devices and Software.

Users have come to rely on DCB tunnel products to implement secure networks for mission critical applications in which downtime must be kept to a minimum. Thus it is not unusual for customers to ask questions about techniques that may be applied to make the tunnel network more robust. This document describes some of those techniques with examples.

Quick-start guide to the XT-3306.

This application note guides the new XT-3306 user from opening the boxes to having a working encrypted tunnel between two XT-3306 units on a test bench. Step-by-step instructions make it quick and painless to learn the configuration process. One difference between the XT and the UT/ET families is that the XT allows the selection of TCP and UDP protocols for the tunnel path.

Troubleshooting guide for the above Quick-start.

If it didn't go well and doesn't immediately work, this guide offers some troubleshooting hints. Most people won't need this, but it's here if you do.

Quick-start guide to the UT-3302.

This application note guides the new UT-3302 user from opening the boxes to having a working encrypted tunnel between two UT-3302 units on a test bench. Step-by-step instructions make it quick and painless to learn the configuration process.

Troubleshooting guide for the above UT-3302 Quick-start.

If it didn't go well and doesn't immediately work, this guide offers some troubleshooting hints. Most people won't need this, but it's here if you do.

Encrypted Bridge Installation Option

An application note describing an appliance-like installation that allows the Tunnel to be located anywhere on the local LAN. Known around DCB as the "Single-Port Installation".

Using the UT Encrypted Bridges and UT-SOFT with IP Multicast.

Discusses applying the UT products to transport VOIP multicast via non-multicast wide area networks. Examples showing IP voice dispatch radios for public service agencies. The UT supports multi-cast IP over normal uni-cast networks and allows a private multi-cast network to span multiple IP networks. The UT-SOFT software client allows any PC to be a securely connected node on a remote network

Motorola MIP 5000 VoIP Radio Console VPN Solution Guide

This Motorola produced MIP 5000 VoIP Radio Console VPN Solution Guide features a virtual private network (VPN) solution that has been tested with MIP 5000 VoIP Radio Console. The VPN solution uses a pair of encrypted Ethernet bridges to provide a secure Ethernet tunnel between the dispatch center and a remote MIP 5000 console. The secure Ethernet tunnel supports a remote console operator receiving audio from and transmitting audio to radio channels and other MIP 5000 consoles using AES encryption.

UT Tunnel Installation Note - "Living On a Wild Feed... Safely"

This short application note summarizes the options and requirements for directly connecting the untrusted interface of UT encrypted tunnels to the Internet. Yes, the UT tunnels may be safely living on the wild side of your firewalls and if properly configured appear to be a "black hole" to your adversaries!

Using the UT for Remote Management Applications Since the UT along with UT-Soft enables a remote workstation to have a virtual presence on a remote LAN segment, it's quite useful for network monitoring and analysis, similar to a RMON without the headaches. Download an application note that discusses using UT-Soft and our UT servers for remote LAN network montoring.

ET Encrypted Bridge Quick-Start Installation Guide

A cookbook style quick start guide to installing the ET Encrypted Bridges. Illustrates common usage examples with fill-in-the-blank instructions.

ET-3302/6600 Encrypted Bridge Applications

Some ways the ET products are being used to tunnel IP traffic in the real world.

Using the ET-6601 Encrypted Bridge with EVDO & Wifi

Discusses using the ET-6601 with high speed cellular modems and 802.11 Wifi wide area connections.

ET Encrypted Bridge Installation Option

An application note describing an appliance-like installation that allows the ET to be located anywhere on the local LAN. Known around DCB as the "Single-Port Installation".

Using the ET Encrypted Bridges with 801.Q VLANs

Discusses configuring the ET products to handle 801.Q VLAN traffic. The ET supports 801.Q VLAN tagged packets, and allows a VLAN to span multiple IP networks.

Using the ET Encrypted Bridges with IP Multicast.

Discusses applying the ET products to transport VOIP multicast via non-multicast wide area networks. Examples showing IP voice dispatch radios for public service agencies. The ET supports multi-cast IP over normal uni-cast networks and allows a private multi-cast network to span multiple IP networks.

Automating Dial-Up Router and Bridge PPP Connections

An application note that details one common method of automating the use of IP-6600 routers and ET-6600 bridges to dial multiple remote locations on a scheduled or automated basis.

How to Order

Questions? Phone us toll free at 800-432-2638 Due to the nature of these products, we prefer that you phone us and discuss your application prior to ordering.
Item Number	Description	Price	Buy Now!
UT-6600	Encrypted Ethernet Tunnel Appliance with Two Async Ports, Two LAN Ports, 6 VDC w/ 120VAC supplied	$ 489	Qty: 0 1 2 3 4 5 6 7 8 9
UT-6690	Encrypted Ethernet Tunnel Appliance with one async port, one modem port, Two LAN Ports, 6 VDC w/ 120VAC supplied	$ 789	Qty: 0 1 2 3 4 5 6 7 8 9
UT6600-12VDC	9-18 VDC internal power supply option for UT-6600, UT-6690	$ 75	Qty: 0 1 2 3 4 5 6 7 8 9
UT6600-24VDC	18-36 VDC input internal power supply option for UT-6600, UT-6690	$ 75	Qty: 0 1 2 3 4 5 6 7 8 9
UT6600-48VDC	36-72 VDC internal power supply option for UT-6600, UT-6690	$ 75	Qty: 0 1 2 3 4 5 6 7 8 9
ET-6600	Encrypted Ethernet Tunnel Appliance with Two Async Ports, Two LAN Ports, 6 VDC w/ 120VAC supplied	$ 489	Qty: 0 1 2 3 4 5 6 7 8 9
ET-6690	Encrypted Ethernet Tunnel Appliance with one async port, one modem port, Two LAN Ports, 6 VDC w/ 120VAC supplied	$ 789	Qty: 0 1 2 3 4 5 6 7 8 9
ET6600-12VDC	9-18 VDC internal power supply option for ET-6600, ET-6690	$ 75	Qty: 0 1 2 3 4 5 6 7 8 9
ET6600-24VDC	18-36 VDC input internal power supply option for ET-6600, ET-6690	$ 75	Qty: 0 1 2 3 4 5 6 7 8 9
ET6600-48VDC	36-72 VDC internal power supply option for ET-6600, ET-6690	$ 75	Qty: 0 1 2 3 4 5 6 7 8 9
9501083	125 VDC input external power supply option (for ET/UT-6600, ET/UT-6690)	$ 125	Qty: 0 1 2 3 4 5 6 7 8 9
UT-SOFT	Encrypted Ethernet Tunnel Client Software, Price is per unit, 1 to 5 units	$ 199	Qty: 0 1 2 3 4 5
UT-SOFT	Encrypted Ethernet Tunnel Client Software, Price is per unit, 6 to 9 units	$ 180	Qty: 0 6 7 8 9

Data Comm for Business Inc. 2949 County Road 1000 E Dewey, Il 61840	Voice: 217-897-6600 Toll Free: 800-4-DCB-NET Toll Free: 800-432-2638	Email: Contact Page Web: www.dcbnet.com Fax: 217-897-8023
All DCB web pages copyright ©1995- Data Comm for Business, All rights reserved. EtherPath®, EtherSeries®, EtherPoll®, EtherBridge® and EtherModem® are Registered Trademarks of Data Comm for Business, Inc.