Ethernet / Packet Encryption

The BlackDoor protects the confidentiality and integrity of Ethernet and packet networks with the strongest commercially available cryptography. It supports point-to-point, point-to-multipoint, and multi-point to multi-point network configurations to provide real time network security for VLAN, Intranet, Internet, MPLS, Cloud, and Radio Layer 2 / 3 connectivity.


The BlackDoor has three encryption modes:

  • Black Bridge: Non-local packets are encrypted above the MAC layer and bridged to the destination network.
  • Black Router: Remotely destined packets are encrypted above the Network layer and dynamically or statically routed to the destination network.
  • Black Tunnel: Source Ethernet packets are entirely encrypted and then encapsulated into an IP packet that is forwarded to the destination network connecting remote LANs through a transparent IP encrypted tunnel.



The BlackDoor is available in two models; 10/100 Ethernet, or 1 Gig Ethernet with copper or fiber interfaces. It is highly reliable, highly secure, and easily “drops-in” to existing networks without costly reconfiguration or upgrades of existing equipment or services.





  • AES, 256 bit
  • Fully automatic key management (1 min to 42 day re-key interval)
  • Hardware Random Number Generator: NIST SP 800-90
  • Full duplex real-time encryption


LAN Network Interface


  • 2 x 10/100 RJ45 Ethernet (full / half duplex) – BlackDoor 10/100
  • 2 x 10/100/1000 RJ45 Ethernet (full) – BlackDoor Gig
  • Fiber Option – BlackDoor Gig
  • Auto negotiation, or configured speed and duplex


LAN Network Protocols




Network Topology


  • Point-to-point, Point-to-multipoint, Multipoint-to-multipoint



  • Command Line Interface (CLI)
  • Telnet with edit and paste template files
  • Console port for out of band management
  • SNMP
  • Remote configuration, monitoring and reset
  • Online software upgrade (TFTP, fully operational during upgrade)

Mounting / Physical


  • 19” rack mount (1U height)
  • Dimensions: 9” (L) x 7.3” (W) x 1.5” (H)
  • Optional Medeco Case
  • Available in multi-slot card chassis configuration




  • Input Range: 12 to 30 VDC, 1.0 Amp
  • Lockable connector
  • Optional -48 VDC, 0.25 Amp
  • AC adaptor included (order per country)



  • Optional Dual Power, Hot Standby




  • Operating Temperature: -10° to 50° C (0° to 132° F)
  • Operating Humidity: Up to 90% (Non-Condensing)
  • Optional Extended Temperature Range Available




  • CE
  • Safety: IEC 60950
  • EMC: CFR 47 Part 15 Sub Part B: 2002, EN55022: 1994+A1&A2, EN55024, ICES-003 1997, CISPR22 Level A


  • Point-to-point Layer 2 / Layer 3 encryption
  • Encrypting LAN radio links
  • Point-to-multipoint Layer 2 / Layer 3 encryption
  • Creating encrypted Ethernet “tunnels”
  • Encrypting Ethernet / IP / MPLS WAN links
  • Interoffice encryption for VOIP, IPTV, data traffic
  • Encrypt sensitive healthcare, financial, etc. data


  • Sophisticated AES 256 bit key encryption
  • Automated symmetric key rotation
  • Secure key generation with FIPS RNG
  • Compact and highly reliable (no fans)
  • Stand-alone and chassis slot-card configurations
  • Plug and play functionality
  • Multi-network topology support
  • Software Upgradable


  • Network data is secure in the event of a breach
  • Matches your network topology
  • Can completely “hide” original network traffic (including header / addresses)
  • Easy to setup and operate
  • Seamless integration into existing network
  • Doesn’t consume compute resources from existing networking equipment
  • Central and remote site configurations


Engage Communication
9565 Soquel Drive. Aptos, CA 95003
This email address is being protected from spambots. You need JavaScript enabled to view it.
This email address is being protected from spambots. You need JavaScript enabled to view it.

Telephone: 1-831-688-1021
Toll Free : 1-877-ENGAGE4
Designed, Fabricated, and Assembled
in America 
Supported Worldwide