Wikipedia

High Assurance Internet Protocol Encryptor: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
m Hyperlinked "(...) packet (...)" to the "Network packet" article
BFlippo (talk | contribs)
45 edits
No edit summary
Line 23:
A HAIPE is an IP encryption device, looking up the destination IP address of a [[Network packet|packet]] in its internal Security Association Database (SAD) and picking the encrypted tunnel based on the appropriate entry. For new communications, HAIPEs use the internal Security Policy Database (SPD) to set up new tunnels with the appropriate algorithms and settings. By not supporting routing protocols the HAIPEs must be preprogrammed with [[static routing|static routes]] and cannot adjust to changing network topology. While manufacturers support centralized management of their devices through proprietary software,<ref>[http://www.viasat.com/government-communications/information-assurance/vine-manager-software ViaSat's VINE website]</ref><ref>[http://www.gdc4s.com/gem-x.html General Dynamics's GEM website]</ref> the current devices offer no management functionality through open protocols or standards.
 
Recently TELEGRID Technologies <ref>[http://www.telegrid.com TELEGRID Technologies]</ref> has produced a non proprietary manager <ref>[http://www.telegrid.com/TELEGRID_SMRT_Flyer.pdf TELEGRID SMRT Multiple HAIPE Remote Manager]</ref> for multiple HAIPE encryptors including the GD KG-175D, ViaSat KG-250 and Harris SecNet54 in addition to the KIV-7M LEF encryptor.

Both the HAIPE IS v3 management and HAIPE device implementations are required to be compliant to the HAIPE IS version 3.0 common MIBs. Assurance of cross vendor interoperability may require additional effort. An example of a management application that supports HAIPE IS v3 is the L-3 Common HAIPE Manager.
 
A couple of new HAIPE devices will combine the functionality of a router and encryptor when HAIPE IS version 3.0 is approved. General Dynamics has completed its TACLANE version (KG-175R), which house both a red and a black Cisco router, and both ViaSat and L-3 Communications are coming out with a line of network encryptors at version 3.0 and above. Cisco is partnering with [[Harris Corporation]] to propose a solution called SWAT1<ref>[https://www.cisco.com/web/strategy/docs/gov/swat1_ds.pdf Cisco Harris SWAT1 Solution]</ref>
Retrieved from "https://en.wikipedia.org/wiki/High_Assurance_Internet_Protocol_Encryptor"