Revision as of 03:44, 7 January 2023 edit 8.37.96.42 (talk) In the paragraph about HAIPE managers, replaced "respectfully" with ", respectively" (meaning "in the order mentioned"). ← Previous edit		Revision as of 20:55, 15 April 2024 edit undo Quondum (talk \| contribs) Extended confirmed users 38,970 edits minor fmt fixes Next edit →
Line 8: Examples of HAIPE devices include: * [[L3Harris Technologies]]' Encryption Products <ref>[https://www2.l3t.com/cs-east/what-we-do/products/encryption-products_red-eagle.htm L-3 Communication Encryption Products]</ref> KG-245X ~~10Gbit~~10 Gbit/s (HAIPE IS v3.1.2 and Foreign Interoperable), KG-245A fully tactical 1 Gbit/s (HAIPE IS v3.1.2 and Foreign Interoperable) RedEagle Line 15: KG-250,<ref>[http://www.viasat.com/government-communications/information-assurance/altasec-kg-250 ViaSat KG-250]</ref> and ** KG-255 [1 Gbit/s]<ref>[http://www.viasat.com/government-communications/information-assurance/altasec-kg-255 ViaSat KG-255]</ref> * [[General Dynamics Mission Systems]] TACLANE Products<ref name="ge">[https://gdmissionsystems.com/encryption/taclane-network-encryption General Dynamics TACLANE Encryptor (KG-175)]</ref> FLEX (KG-175F) 10G (KG-175X) ** Nano (KG-175N) * Airbus Defence & Space ECTOCRYP Transparent Cryptography <ref>{{Cite web \|url=http://www.cassidian.com/pl/web/guest/1307 \|title=Ectocrypt Blue by Cassidian, an EADS Company \|access-date=2013-11-18 \|archive-url=https://web.archive.org/web/20131107061236/http://www.cassidian.com/pl/web/guest/1307 \|archive-date=2013-11-07 \|url-status=dead }}</ref><ref>{{cite web\|url=http://www.cassidian.com/en_US/web/guest/cassidian-unveils-ectocryp-yellow \|archive-url=https://archive.today/20131118073910/http://www.cassidian.com/en_US/web/guest/cassidian-unveils-ectocryp-yellow \|url-status=dead \|archive-date=2013-11-18 \|title=CASSIDIAN unveils ECTOCRYP YELLOW \|date=September 2013 }}</ref> Three of these devices are compliant to the HAIPE  IS  v3.0.2 specification while the remaining devices use the HAIPE IS version 1.3.5, which has a couple of notable limitations: limited support for [[routing protocols]] or open [[network management]]. A HAIPE is an IP encryption device, looking up the destination IP address of a [[Network packet\|packet]] in its internal Security Association Database (SAD) and picking the encrypted tunnel based on the appropriate entry. For new communications, HAIPEs use the internal Security Policy Database (SPD) to set up new tunnels with the appropriate algorithms and settings. Due to lack of support for modern commercial routing protocols the HAIPEs often must be preprogrammed with [[static routing\|static routes]] and cannot adjust to changing network topology. Line 29: There is a UK HAIPE variant that implements UKEO algorithms in place of US Suite A. Cassidian has entered the HAIPE market in the UK with its Ectocryp range. Ectocryp Blue is HAIPE version 3.0 compliant and provides a number of the HAIPE extensions as well as support for network [[quality of service]] (QoS). Harris has also entered the UK HAIPE market with the BID/2370 End Cryptographic Unit (ECU).<ref>[https://www.harris.com/press-releases/2008/12/next-generation-bid-2370-device-developed-under-uk-ministry-of-defence-chimp Harris UK BID/2370 ECU]</ref> In addition to site encryptors HAIPE is also being inserted into client devices that provide both wired and wireless capabilities. Examples of these include L3Harris Technologies' KOV-26 Talon and KOV-26B Talon2, and Harris Corporation's KIV-54 <ref>{{Cite web \|url=http://rf.harris.com/media/secnet54_emod_tcm26-9219.pdf \|title=Harris KIV-54 (SECNET  54) \|access-date=2013-11-18 \|archive-url=https://web.archive.org/web/20131030001308/http://rf.harris.com/media/SecNet54_EMOD_tcm26-9219.pdf \|archive-date=2013-10-30 \|url-status=dead }}</ref> and PRC-117G <ref>{{Cite web \|url=http://www.rfcomm.harris.com/117G/ \|title=Harris AN/PRC-117G \|access-date=2008-10-05 \|archive-url=https://web.archive.org/web/20080930205542/http://www.rfcomm.harris.com/117G/ \|archive-date=2008-09-30 \|url-status=dead }}</ref> radio. == HAIPE ~~Managers~~managers == Viasat and General Dynamics Mission Systems both develop their own propriety software for managing HAIPE devices, VINE and GEM  One, respectively. The GEM  One specifications list support for the Viasat HAIPEs, KG-250X and KG-250XS while the data sheet for VINE only lists supported Viasat Network Encryptors.<ref name="VINE Data Sheet">{{cite web \|title=VINE Data Sheet \|url=https://www.viasat.com/content/dam/us-site/government/documents/VINE_datasheet_040_web.pdf \|website=Viasat.com \|access-date=19 June 2022}}</ref><ref name="GEM One GDMS">{{cite web \|title=GEM One Encryptor Manager - General Dynamics Mission Systems \|url=https://gdmissionsystems.com/products/encryption/encryptor-management/gem-one-encryptor-manager \|website=gdmissionsystems.com \|access-date=19 June 2022 \|language=en}}</ref> Both the HAIPE  IS  v3 management and HAIPE device implementations are required to be compliant to the HAIPE IS version 3.0 common MIBs. Assurance of cross vendor interoperability may require additional effort. An example of a management application that supports HAIPE  IS  v3 is the L3Harris Common HAIPE Manager (which only operates with L3Harris products).{{Citation Needed\|date=June 2022}} == See also == * [[ARPANET encryption devices]]▼ * [[NSA encryption systems]]▼ ==~~See~~ ~~also~~References == {{reflist}} ▲[[ARPANET encryption devices]] ▲[[NSA encryption systems]] == External links ==▼ ~~==References==~~ * [http://www.cnss.gov/Assets/pdf/CNSSP-19.pdf CNSS Policy #19 governing the use of HAIPE]▼ ~~{{Reflist}}~~ ▲==External links== ▲*[http://www.cnss.gov/Assets/pdf/CNSSP-19.pdf CNSS Policy #19 governing the use of HAIPE] [[Category:Cryptographic protocols]]

High Assurance Internet Protocol Encryptor: Difference between revisions