BLACKBOND
T1 / E1 Circuit Encryption
Overview
The BlackBond is a “bump in the wire” device that seamlessly encrypts T1 / E1 and fractional T1 / E1 circuits. It’s extremely low latency allows it to encrypt the circuit without impact to voice, video and data T1 / E1 traffic.
The BlackBond uses the strongest commercially available cryptography and automatically rotates cryptographic keys at user defined intervals. Key generation is performed by a FIPS compliant Random Number Generator (RNG).
The BlackBond is effective at protecting data in motion in virtually any network environment. It is available as a stand-alone device for remote locations, or as a slot-card in a multi-slot chassis for central site locations.
For networks requiring both security and redundant circuits, the BlackBond can be ordered with a protection switching option. In this case, the encrypted traffic will switch to a backup T1 / E1 circuit if the primary T1 / E1 circuit fails. Alternatively, the traffic could be switched over to a backup packet based connection, such as 4G LTE.
Features
Applications
- Wireline T1 / E1 circuits
- Fiber T1 / E1 circuits
- Microwave T1 / E1 circuits
- Fractional T1 / E1 circuits (satellite, etc.)
- Circuit protection switching for encrypted T1 / E1
- Packet protection switching for encrypted T1 / E1
Features
- Sophisticated AES 256 bit key encryption
- Automated symmetric key rotation
- Secure key generation with FIPS RNG
- Compact and highly reliable (no fans)
- Stand-alone and chassis slot-card configurations
- Plug and play functionality
- Software Upgradable
Benefits
- T1 / E1 data is secure in the event of a breach
- Supports both full and fractional T1 / E1 networks
- Extremely low latency ensures voice, video and data applications continue to operate seamlessly
- Can completely “hide” original network traffic (including header / addresses)
- Easy to setup and operate
- Seamless integration into existing network
- Doesn't consume compute resources from existing networking equipment
- Central and remote site configurations
Specifications
Cryptography
- AES, 256 bit
- Fully automatic key management (1 min to 42 day re-key interval)
- Hardware Random Number Generator: NIST SP 800-90
- Full duplex real-time encryption
WAN Network Interface
- BlackBond T1
- 2 x T1 (1 “Red” / 1 “Black”)
- Framing: ESF
- Line Code: B8ZS or AMI [web site is HDB3 or AMI]
- DS0 assignments from 1 to 24
- Non-contiguous configuration supported (x-y, z)
- BlackBond E1
- 2 x E1 (1 “Red” / 1 “Black”)
- Framing: CRC4
- Line Code: HDB3 or AMI
- DS0 assignments from 1 to 32
- Non-contiguous configuration supported (x-y, z)
LAN Network Interface
- 2 x 10/100 RJ45 Ethernet (full / half duplex)
- Auto negotiation, or configured speed and duplex
LAN Network Protocols
- IP, TCP, UDP, ICMP
Link Protector Option
- Additional T1 / E1 port available as secondary circuit (switched to if primary fails)
- Also, one of the LAN interfaces may be used as the secondary circuit (switched to if primary fails)
Management
- Command Line Interface (CLI)
- Telnet with edit and paste template files
- Console port for out of band management
- SNMP
- Remote configuration, monitoring and reset
- Online software upgrade (TFTP, fully operational during upgrade)
- Local and remote WAN loopbacks
Mounting / Physical
- 19” rack mount (1U height)
- Dimensions: 9” (L) x 7.3” (W) x 1.5” (H)
- Optional Medeco Case
- Available in multi-slot card chassis configuration
Power
- Input Range: 12 to 30 VDC, 1.0 Amp
- Optional -48 VDC, 0.25 Amp
- AC adaptor included (order per country)
Redundancy
- Optional Dual Power, Hot Standby
Environmental
- Operating Temperature: -10° to 50° C (0° to 132° F)
- Operating Humidity: Up to 90% (Non-Condensing)
- Optional Extended Temperature Range Available
Regulatory
- CE
- Safety: IEC 60950
- EMC: CFR 47 Part 15 Sub Part B: 2002, EN55022: 1994 + A1 & A2, EN55024, ICES-003 1997, CISPR22 Level A