

Security Encryption System
A communication security encryption defense scheme for special industry market, aiming at the security threats such as hacking and monitoring in the integrated services including the voice, video, VOIP, file transfer etc. in the internet, uses both the symmetric and asymmetric key encryption algorithm, provides the user with a security encryption defense function for the end-to-end, subnet to subnet data service so as to protect the user’s information such as the trade secrets, personal privacy etc., and gain the user a preemptive opportunity in the competition.
Needless to change previous network topology and communication infrastructure, by adding this system, a comprehensive security encryption defense of the data service and VoIP service in the network could be achieved.
Systematic security scheme based on high intensity encryption system with independent intellectual property
Main Features
- Automatic: no tedious operation of the user
- Fast: just in several seconds
- Safe: equipment identification based on
- impeccable CA system
Intelligent identity authentication
- Integrated management of the terminal account number
- Safe audit for the system and equipment
- Remote key destroy
Integrated management
- unique key exchange
- Encryption algorithms via hardware encrypt card
- dynamic loading of the encryption parameters
- Timely key destroy
- one key for one port
High intensity security encryption
- VoIP compatible with network base on soft switch and IMS;
- Needless to upgrade current network equipment;
- No need to upgrade current network topology;
- Compatible with both the public and confidential terminal, maintain the user’s current investment at maximum level;
Good network compatibility
Main function
- provide the user with encryption services to the IP fixed telephone, computer data
- provide the port-to-port encryption defense between the headquarter and the branches;
- provide the end-to-end encryption defense to the voice and video in the SIP terminal server;
- provide the encryption defense to the voice, monitoring, roaming etc.
- compatible with the management functions such as production, distribution, change, destruction
Main performance
- impact on the voice call quality: call contacting in 1 second at maximum;
- encryption-based transport protocol: improved Ipsec, SRTP/SRTCP encapsulation protection;
- Intensified Ethernet Switch:encryption speed 4Gbps, 3000encrypted tunnel ;
- SIP terminal privacy machine: encryption speed 2Mbps, 4 encrypted tunnel ;
Security features
- key online negotiation;
- compatible with the equipment certificate and the off-line distribution, the key was generated in standard white noise;
- compatible with the encryption algorism like SM2, SM3, SM4,AES,DES etc.
- one communication one key, one tunnel one key, key will be destroyed after the communication;
- safe audit for the system and equipment, pro for key destruction on site or remote in emergency.
Integrated services security encryption defense scheme
a combined encryption scheme of both symmetric and asymmetric algorithm
- symmetric encryption algorithm for controlled data, asymmetric encryption algorithm for signature;
- symmetric encryption algorithm for services and local stored data;
off-line management primarily, on-line management secondly
- off-line management: identity authentication and negotiation via certificate;
- on-line management: intensified services like certificate expiration, remote key destruction.
key and certificate by KMC
- identity authentication
- key for local data encryption
- public and private key for the equipment
Encryption data encapsulation for SIP Terminal Encryptor
Encryption data encapsulation for Intensified Ethernet switch
Specifications
Intensified Ethernet Switch(IES5700S)
Installed in the network of the enterprise headquarter or branches, to provide the encryption security for the communication data.
Multirotor
- Maximum duration of flight :≥30 minutes
- Max. flight altitude :≥300m
- •Dimensions : diameter ≤1100mm,Height≤800mm (in operation).
encryption feature:
- encryption tunnel:3000
- encryption speed:4Gbps;
- relay time: less than0.1ms
- Size: 1U height, standard 19 inches rack;
- AC:100V-240V,50Hz±10%;
Environment adaptation:
- working temperature:0℃~45℃;
- storage temperature :-40℃~65℃;
- Relative humidity :20%~80%。
features of general 3layers switch
- Support hierarchical classification management, Anti DDoS attack and other security functions;
- Support DHCP Server, VLAN, STP/RSTP/MSTP, LLDP,LACP,Port mirroring and other functions;
- Interface:Optional support 24 / 48 Gigabit electric / optical port + 40000 MHz optical port, one Ethernet management port and one console port;
series of the IES
- IES5700S-24S4X
- IES5700S-48S4X
- IES5700S-24T4X
- IES5700S-48T4X