Centauris CN8000 encryptors are modular by design; ensuring maximum cost-effectiveness, flexibility and scalability. Each encryption chassis can hold up to 10 encryption cards, supporting diverse protocols such as Ethernet & Fibre Channel. The encryption is transparent to other network equipment, so it is ideal for multilink encryption or to secure multi-protocol infrastructures without having to change the architecture, or during network migrations.
It also guarantees flexibility for multi-vendor networks as well as future network evolution. Point-to-point and multipoint wire-speed encryption with ultra-low latency and full bandwidth is made possible by operating at the layer 2 of the OSI model. The CN8000 offers network manageability and 100Gbps performance without sacrificing security. The products are designed for CC-EAL4 and FIPS 140-2 level 3 certification.
A multi-tenancy management model allows each encryption card to be certified and managed individually by a different enterprise or government department. This allows best-practice separation of duties between network and security teams on the level of the encryption chassis level, or on the level of each encryption card. This allows easy management and new revenue streams for Managed Service Providers while ensuring crypto separation and security for the users.
The CN8000 is Swiss-made for high security, with robust anti-tamper measures and physical protection. High-quality encryption keys are generated by IDQ’s quantum random number generator (Quantis), which ensures that the keys are truly random with high entropy. The CN8000 can also be upgraded to use quantum keys from IDQ’s Quantum Key Distribution server for long-term data protection.
State-of-the-art key management ensures seamless and automated security with no manual intervention required. Advanced security features also include granular policy management and separation of duties on a per-card and per-device level. This enables different encryption cards to be used in a multi-tenancy environment, for example, with crypto separation between different clients in a data center or different divisions within the same organisation.
Centauris encryptors work in point-to-point modes for Ethernet and Fibre Channel, and point-to-multipoint and fully meshed multipoint modes for Ethernet, supporting the encryption of unicast, broadcast and multicast communications. All encryptors in the Centauris family are compatible, allowing for example one encryption card in the CN8000 to be connected in a meshed network to multiple other dedicated Centauris encryptors in a campus or wide area network.
Advanced Group Key Encryption ensures easy management of such multipoint environments, with separate keys able to be attributed to different VLANs or MAC addresses. The Centauris platform may be provisioned and managed locally or remotely through a secure management interface, CypherManager, with easy upgrade and diagnostic capabilities. Logs and alerts can be integrated seamlessly into standard SIEM or network monitoring platforms.
The Centauris CN8000 encryptor work across point-to-point, point-to-multipoint and fully-meshed network topologies.
Centauris encryptors work in point to point mode for high performance data center interconnection, LAN extension or metropolitan backbone connection. Each encryption card in the CN8000 supports Ethernet up to 10Gbps, with native Fibre Channel support up to 8Gbps under development. Fully loaded the CN8000 support 100Gbps of Ethernet traffic. Protocols such as Ethernet over-IP are also supported.
Different encryption cards may be used for different agencies or division within the same organisation for crypto-separation in multi-tenancy environments.
Point-to-multipoint and fully meshed
The CN8000 Ethernet encryption cards can also secure multipoint networks across a transparent LAN service (carrier Ethernet service or layer 2 MPLS service). Both hub & spoke and fully meshed topologies are supported. Different Centauris devices of different bandwidths may be used simultaneously in a network (eg. a 10Gbps CN8000 card at the HQ connected to several 1Gbps or 100Mbps dedicated encryptors in the field).
High-performance, state-of-the-art Swiss Quantum security; reducing the cost of company-wide data encryption.
Reduces costs for large-scale data encryption
Transparent to network and applications
High-performance scalable encryption
State-of-the-art swiss quantum-safe security
Advanced management tools