Senetas CN6000 Series Encryptors – rack-mounted, carrier-grade encryption for high-speed Ethernet networks.
The intrinsic key generation and distribution capability of the CN6000 Series eliminates reliance on external key servers, providing a robust, fault-tolerant security architecture.
Senetas CN6000 Series encryptors provide highly secure, full line-rate transparent encryption for data moving across metro / wide area Ethernet networks; in point-to-point, hub & spoke or meshed environments.
The CN6000 Series are rack-mounted, high-speed encryptors for business-critical applications, offering 1Gbps to 10Gbps bandwidth speeds. They are the optimal choice when you require:
- Efficient, investment-proof data encryption
- Multi-purpose, in-field upgradable and flexible hardware
- Choice of Common Criteria and FIPS certifications
- Compact 1U form factor with advanced performance and power features
CN6140 Multi-port Encryption
The CN6140 introduces even greater flexibility and is available as either a single or multi-port device. With rate limited options (per channel) users can customise their encryption to provide anything from 1Gbps up to 4x 10Gbps.
Senetas CN (and CV) Series encryptors include integrated support for KeySecure, the industry’s leading centralised key management platform. KeySecure provides simple and secure encryption key management across the entire lifecycle; including key generation, storage, distribution and deletion.
CN6000 Key Features
| Model | CN6010 | CN6100 | CN6140 Single Port | CN6140 Multi-Port |
| Physical encryption channels | 1 | 1 | 1 | Up to 4 |
| Maximum Speed | 1Gbps | 10Gbps | 10Gbps | 4x 10Gbps |
| Ethernet point-to-point, hub & spoke, mesh full-duplex encryption | ✓ | ✓ | ✓ | ✓ |
| Protocol and application transparent | ✓ | ✓ | ✓ | ✓ |
| Common Criteria EAL2+ EAL4+ certified | ✓ | ✓ | ✓ | ✓ |
| FIPS 140-2 L3 certified | ✓ | ✓ | ✓ | ✓ |
| Low overhead full duplex line-rate encryption | ✓ | ✓ | ✓ | ✓ |
| Front panel access for all interfaces | ✓ | ✓ | ✓ | ✓ |
| Ultra low latency for high performance | ✓ | ✓ | ✓ | ✓ |
| Support for external (X,509v3) CAs | ✓ | ✓ | ✓ | ✓ |
| Robust AES encryption algorithm | ✓ | ✓ | ✓ | ✓ |
| CRL and OCSP server support | ✓ | ✓ | ✓ | ✓ |
| Automatic key management | ✓ | ✓ | ✓ | ✓ |
| Flexible encryption policy engine | ✓ | ✓ | ✓ | ✓ |
| Encrypts Unicast, Multicast and Broadcast traffic | ✓ | ✓ | ✓ | ✓ |
| Network interfaces | RJ45 SFP | XFP | SFP SFP+ | SFP SFP+ |
| Policy based on MAC address or VLAN ID | ✓ | ✓ | ✓ | ✓ |
| Support for Jumbo frames | ✓ | ✓ | ✓ | ✓ |
| Self healing key management in the event of network outages | ✓ | ✓ | ✓ | ✓ |
| Per packet confidentiality and integrity with AES-GCM encryption | ✓ | ✓ | ✓ | @1Gbps only |
| Automatic network discovery and connection establishment | ✓ | ✓ | ✓ | ✓ |
| Centralised configuration and management using CM7 and SNMPv3 | ✓ | ✓ | ✓ | ✓ |
| AES 128 or 256 bit keys | 128/256 | 128/256 | 128/256 | 128/256 |
| Remote management using SNMPv3 (in-band and out-of-band) | ✓ | ✓ | ✓ | ✓ |
| Encryption modes *GCM @1Gbps only for CN6140 Multi-Port |
CFB CTR GCM |
CFB CTR GCM |
CFB CTR GCM |
CFB CTR GCM* |
| FPGA based cut-through architecture | ✓ | ✓ | ✓ | ✓ |
| Tamper resistant and evident enclosure | ✓ | ✓ | ✓ | ✓ |
| Anti-probing barriers | ✓ | ✓ | ✓ | ✓ |
| Dual swappable AC or DC power supplies | ✓ | ✓ | ✓ | ✓ |
| Flexible encryption policy engine | ✓ | ✓ | ✓ | ✓ |
| User replaceable fans and battery module | ✓ | ✓ | ✓ | ✓ |
| Fully interoperable with related CN/CS models | ✓ | ✓ | ✓ | ✓ |
| Latency – microseconds per encryptor (typical for IPv4 traffic with 64-1518 octet frames) | < 10 @ 1Gbps | < 5 @ 10Gbps | < 5 @ 10Gbps | < 5 @ 10Gbps |
| SNMPv1/2 monitoring (read-pnly) | ✓ | ✓ | ✓ | ✓ |
| NTP (time server) support | ✓ | ✓ | ✓ | ✓ |
| In-field firmware upgrades | ✓ | ✓ | ✓ | ✓ |
CN6040 End-of-Life Notification
Certified high-assurance encryption performance at up to 1Gbps.
*Please note: the CN6040 Fibre Channel and Ethernet product lines are subject to End-of-Sale (EoS) and End-of-Life (EoL) notices.
