Senetas CN Series Application Software v2.7.1 & Senetas CM Management Application Software v7.5.1
|Product type: Network and Network Related Devices and Systems|
Product Status: In Evaluation
Assurance Level: EAL2+ ALC_FLR.2
Version: CN series Application Software version 2.7.1 and CM7 Management Application Software version 7.5.1
Components: Senetas CN 4010 1Gb Ethernet Encryptor; Senetas CN 4020 1Gb Ethernet Encryptor; Senetas CN 6010 1Gb Ethernet Encryptor; Senetas CN 6040 Switchable 1Gb Ethernet and 1-4Gb Fibre Channel Encryptor; Senetas CN 6100 10Gb Ethernet Encryptor; Senetas CN 8000 Multislot Switchable 1-10Gb Ethernet and 1-4Gb Fibre Channel Encryptor
Cert Progress: Progressing
Estimated Approval: Q1 2017
Senetas Security Ltd312 Kings Way
South Melbourne Victoria 3205 Australia
Product Website: http://www.senetas.com
The Senetas CN series encryptors are high-speed, standards based multi-protocol encryptors specifically designed to secure voice, data and video information transmitted over Fibre Channel and Ethernet Networks. They can be deployed within Networks employing data rates up to 10 Gigabits per second and provide support for the AES algorithm. All of the encryptors in the CN series offer a single encryption path per encryptor except for the CN8000 Multi-slot encryptor which supports up to 10 interface/ high speed crypto cards (Slots) per chassis, each independently configurable as 1G or 10G Ethernet or 1, 2, 4G Fibre Channel. The encryptors also provide access control facilities using access rules for each defined Ethernet and Fibre Channel connection.
The Senetas CN Series Ethernet connects to the Local Area Network (LAN) or Wide Area Network (WAN) using 10/100/1000 BaseT RJ45 or Optical Fibre connectors. When operating at full bandwidth, the Ethernet encryptor will not discard any valid Ethernet frames for all modes of operation.
The Senetas CN series Fibre Channel connects to Fibre Channel links to provide traffic encryption over point to point (link) network segments at speeds of 1, 2, and 4 Gbps. Single and Multi Mode Optical Interfaces can be used to provide short and long haul transmission capability. The product has been designed to integrate simply and transparently into existing Fibre Channel network architectures and provides the ability to encrypt Fibre Channel traffic with no packet expansion, and minimal management overhead, allowing full line speed data throughput.
The CN8000 and CN6040 products are user switchable between Fibre Channel and Ethernet encryption modes within the same physical encryptor.
The TOE provides the following security functionality:
Audit – The TOE is able to generate auditable data for security relevant events
Certificate Management – certificates will be maintained for the use by the product
Protected Data Exchange – the confidentiality of packets sent over the untrusted network will be maintained
Identification and Authentication – of administrative users who are responsible for the configuration and monitoring of the TOE
Key Management – will be used in implementing security functions
Information Flow Control – controlling the flow of received Ethernet or Fibre frames from external hosts
Role-Based Access Control – restriction of users to different configuration interfaces based on the role they are assigned
Secure Remote Management – remote administration by the CM Management Application allows for secure management and configuration of the TOE
Self Protection – the TOE will protect against unauthorised access to the physical security of the TOE.