Ethernet Layer 2 Encrypter - LLEA

Link Layer 2 Encryption Performance Above 900 Mbps Using Gigabit Ethernet Interfaces
Contains FIPS 140-2 Level 1 Validated Encryption Module

High Performance Layer Two Encrypter 128, 192, or 256 bit AES encryption available Throughput at rates above 900 Mbps @ AES-128 FIPS 140-2 Level 1 validated encryption module 1000BaseT encryption for 10/100/1000BaseT ethernet ports Easy configuration or Plug and Play layer 2 security Installs in pairs for point-to-point drop in use Extensive statistics logging and diagnostic tools Tunnels ALL ethernet protocols Tunnels multicast traffic 802.1Q encryption - Tunnels 802.1Q tagged V-Lan trunksvia non-802.1Q links Inter-site VLAN encryption, VLAN encrypted link Ethernet to ethernet encryption for layer 2 security Links LAN to LAN to bridge sites together Drop-in microwave link encrypter Common Criteria encryption appliance Layer 2 Raw ethernet transport between units Layer 2 FIPS 140-2 validated product Compact 1U high: standalone or rack-mount	Encrypting Cloud Network Resources LLEA
Features Description Specifications How To Order General Indicators (front panel) Controls Physical/Electrical Read the Quick Start Guide Application Notes & Manual How to Order	High Performance Layer Two Encrypter LLEA

DESCRIPTION

AES encryption and HMAC-SHA1 for data integrity are used in the LLEA. The Diffie-Hellman algorithm is used for session key establishment. Encryption keys are changed every 6-hours or 2 billion packet, whichever comes first. All cryptographic operations are provided by an embedded FIPS 140-2 Level 1 validated cryptographic module.

The original Ethernet packets are completely encapsulates by LLEA for transport across the insecure network segment. To minimize the overhead of encapsulation and encryption, the LLEA will coalesce packets where possible for high performance on gigabit ethernet encryption links. This reduces the number of small packets that traverse the insecure network often improving the throughput of a slower network link.

At greater than 900 Mbps, measured throughput on a gigabit link is outstanding. Download a throughput measurement certificate here for full performance details.

This link layer encrypter can transport both standard Ethernet packets and 802.1q tagged VLAN packets. Since packets are encapsulated when transported across the insecure network segment, this has the effect of tunneling 802.1q across a network segment that may not support it while providing 802.1q encryption. Inter-site VLAN encryption has a side benefect... the packets that traverse the insecure network segment will always appear as standard Ethernet packets.

The LLEA is a simple, drop-in gigabit encryption appliance ideally suited for Federal common criteria encryption needs. It is easily applied to high speed microwave links. Microwave link encryption is required for many streaming video, security system connections, and common criteria encryption in building-to-building links.

LLEA requires very little configuration. In fact, it is possible to deploy a pair with no configuration at all. Just place them in-line and turn them on. Typical configuration consists of setting an IP address, a shared secret, and selecting the encryption level. Configuration is web based with a click-for-help hyperlink on every configuration item.

This is a layer 2 FIPS 140-2 compliant product using a validated encryption module. Due to the encryption employed in these products, they are export controlled items and are regulated by the Bureau of Industry and Security (BIS) of the U.S. Department of Commerce. They may not be exported or shipped for re-export to restricted countries in Country Group E:1. They are shippable to most other countries with proper licensing. Please contact us if you are considering exporting these.

SPECIFICATIONS

General