Solution Overview

BlackDoor GIG Encryptor envelopes Ethernet network segments in an AES Hardened Protective Shield. Access to the devices on the secured network's Computers, Work Stations, File Servers and Networked Devices such as Printers, Phone Systems requires a 256 bit AES key which is 10 to the 77th power of combinations.

Technical Specification
Data Sheet Download
User Manual Download

How to Order

MPLS Payload Encryption

Gigabit Ethernet Encryption

 Black•Door GIG Encryptor

 Gigabit Ethernet - Layer 2/3/VLAN/MPLS Encryption

The Engage BlackDoor GIG Encryptor offers customers a new level of Gigabit speeds for securing existing packet based networks. The AES based encryption algorithms offer industry standard security levels at multiple layers of the network OSI while supporting up to Gigabit Ethernet transmission speeds. The BlackDoor GIG Encryptor is installed at the edge of the existing network interfaces and means instant security upgrades for customer satisfaction and network invisibility.

The BlackDoor is used by customers around the world for enterprise network security; it has always offered a reliable, efficient, cost-effective solution for adding encryption to non-secure network interfaces. It provides this level of security without requiring new system software or having to upgrade existing network edge devices. The BlackDoor GIG Encryptor gives customers wanting a higher level of network protection a faster network alternative, a Gigabit interface encryption machine.

The BlackDoor GIG Encryptor enables enterprises to add AES security to Ethernet packet interfaces without having to disrupt their network edge hardware with upgrades, reconfiguration and add-on encryption accelerators.  The Black-Door is deployable with basic Internet Protocol knowledge.

Independently configurable MTUs with 9000 byte JUMBO Ethernet Support

The Engage BlackDoor GIG Encryptor offers customers a new level of Gigabit speeds for securing point to point or multipoint Ethernet networks. The BlackDoor GIG Encryptor’s Ethernet interfaces have independently configurable MTUs that are able to handle up to 9000 byte JUMBO Ethernet frames in real-time.  The AES based encryption algorithm offer industry standard security levels at Layers: 2/VLAN/MPLS/3.

Point to Point “Plug-and-Encrypt” Installation

The BlackDoor GIG Encryptor is a plug-and-encrypt installation for the payload of layer 2 and MPLS point to point network connections.  The payload of the Ethernet Packets entering the clear text LAN1 are AES encrypted and sent out LAN2 to the Egress Ethernet.  Ethernet packets AES decryption requires a unique 256 bit key.

 The Change to Connectionless Networks

Ethernet networks are being used for larger scale networks and as a replacement for traditional telco data services. Both private enterprises as well as service providers see the proliferation of Ethernet as a backhaul medium as an advantage for their network expansion. However, Ethernet at this scale can also lead to potential issues as the network is no longer as secure as a connection-oriented infrastructure. Security interfaces are required at all network access points to assure data packets as well as address information is encrypted and protected. These interfaces might be less robust software solutions or for a higher level of network security, plug-and-play encryption appliances.

These interfaces might be less robust software solutions or for a higher level of network security, plug-and-play encryption appliances. The Engage BlackDoor GIG Encryptor offers an effective, easy-to-install solution to solve this problem. The BlackDoor GIG Encryptor can be added to existing equipment sites for upgrade of security or it can be installed with new systems to add AES encryption to non-secure equipment. It works in both point-to-point as well as point-to-multipoint configurations at Gigabit access speeds.


 OSI Layer Encryption

Layer 2 - Bridge
Interfaces at Layer 2, non-local packets are encrypted above the MAC layer and then directed to the appropriate destination address by the internal bridge.

Layer 3 - Router
Interfaces at Layer 3, packets are encrypted above the Network Layer and then can be dynamically or statically routed to the destination network by the internal router.

Tunnel - Equipment Interface
Many times network to network security requires an encrypted ‘tunnel’ carrying Ethernet packets over a pre-defined network path. The BlackDoor GIG Encryptor permits user creation of a destination table, encrypts the entire incoming packet, and adds the appropriate destination address for correct network transport.

Multi-Protocol Label Switching offers a path oriented address which can direct packets to a specific end address over a ‘virtual’ private path to a destination network. A virtual private path does not, however, guarantee data packet security. The BlackDoor GIG Encryptor can provide ‘payload only’ encryption for MPLS data packets, maintaining the MPLS labels while encrypting the MPLS payload. It is flexible enough to provide an encrypted ‘tunnel’ for point-to-point MPLS connections or can encrypt at Layer 2 or Layer 3 or both, easy to configure without any down time for network access equipment.


 Point-to-Point or Point-to-Multipoint Network Configurations
The BlackDoor GIG Encryptor transparently AES encrypts Ethernet networks at Gigabit speeds. Ethernet Voice, Video or Data packets, that are destined for a device located on a remote network or a different local network segment, are AES encrypted at the Link, Network or Transport Layer and then tunneled, bridged or routed to the destination network. At the destination network the packets are decrypted and the original Ethernet packets are securely delivered to the destination Ethernet device.

MPLS Payload Encryption
    Privacy | Glossary | Subscribe | Contact Information | News | | © Copyright 1989-2012 Engage Communication, Inc.