CN9000 100Gbps Ethernet Encryptor

100Gbps high-speed data-in-motion encryption

The evolution of 100Gbps links and networks reflect the exponential growth in volume and types of data generated by business applications and the Internet of Things. Big Data is rapidly becoming ‘Mega Data’ and high-speed networks are becoming ultra-fast.


  • Data Center Interconnect Encryption
  • Data Recovery Center Encryption
  • Big Data Applications
  • ‘Mega Data’ Campus Network Environments
  • Cloud Computing Services ‘Backbones’
  • Aggregating High-Speed Network Links
  • Large Scale, MAN and WAN security
  • Quantum-Safe Security



The Centauris CN9000 Series is the first commercially available certified high-assurance 100Gbps Ethernet encryptor that supports the most complex fully meshed topologies – enabling 100% security for Big Data, Cloud and data centre services’ ultra-fast networks.

The Centauris CN9000 100Gbps Ethernet encryptor is the ideal solution for organisations that are seeking high levels of data security across ultra-fast networks.

Providing high quality encryption key generation and distribution, the Centauris CN9000 Series have IDQ’s quantum random number generator (Quantis QRNG). By upgrading the Centauris CN9000 Series with the unconditional security of Cerberis quantum key distribution (QKD) server, IDQ offers next generation security for point-to-point backbone and storage networks for long-term data protection.

The intrinsic key generation and distribution capability of the Centauris CN9000 Series removes reliance on external key servers and provides robust, fault-tolerant security architecture. At the same time, their secure, tamper-proof chassis delivers uncompromising protection to key material held in the encryptors.

Using Field Programmable Gate Array (FPGA) technology, the Centauris CN9000 Series’ architecture enables real-time data processing and data throughput. This ensures consistent low latency across all packet sizes for optical performance. Throughput is maximized in a zero protocol overhead mode. At 1U unit, they operate with minimal power and rack space consumption.

Working in point-to-point, point-to-multipoint and fully meshed topologies, the Centauris CN9000 series support the encryption of unicast, broadcast and multicast communications.

Compatible with all CN encryptors, the Centauris CN9000 Series encryption cards can be connected to multiple encryptors within a campus or wide area network.

Advanced group key encryption ensures easy management of multi-point environments, with separate keys for different VLANs or MAC addresses.

The Centauris CN9000 Series are easily managed through a simple to use local and remote encryptor management application that provides users with comprehensive and intuitive management functionality. The encryptors can be securely managed either out-of-band – using a dedicated Ethernet management interface or in-band – using the encrypted Ethernet port. Local management using a command line interface is available with a serial console connector.

The built-in operational flexibility provides customers with a choice and avoiding additional costs of third party optical transport equipment in their network (e.g. OTN provider backbone).


Whatever the chosen network topology and technology use case, Centauris CN9000 Series encryptors ensure maximum 100Gbps security for Big Data, Cloud and data centre applications across point-to-point, multi-point and fully meshed network topologies.

One example is 100Gbps Point-to-Point Ethernet encryption with QKD

High-assurance network security for simple 100Gbps point-to-point data centre to data centre service provider – an ultra-fast performance network requiring maximum data security.

This data centre-to-data centre application enables safe and highly cost and performance efficient data back-up and multi-redundancy disaster recovery capability.

A key advantage offered by the Centauris CN9000 is the QSFP28 interface for up to 80kms signal transmission enabling optimal MAN performance and benefiting the service provider through savings on the cost of additional OTN network hardware that would otherwise be necessary.









Thanks to the structure of the QKD generation and detection, eavesdropping is impossible and the key is never recorded (only detected during the decryption process) so such offline attacks are not possible.

In addition, thanks to IDQ’s Dual-Key agreement where the AES-256 encryption key used by the encryptors is combined with the quantum key and changed up to 60 tmes per hour in both directions, two-fold security is provided and renewed in real-time.

Share on LinkedInTweet about this on TwitterShare on Google+Share on FacebookEmail this to someone