CN6100-600x120-front

Senetas CN6000 Series Encryptors – rack-mounted, carrier-grade encryption for high-speed Ethernet and Fibre Channel networks.

The intrinsic key generation and distribution capability of the CN6000 Series eliminates reliance on external key servers, providing a robust, fault-tolerant security architecture.

Senetas CN6000 Series encryptors (also known as SafeNet CN6000 Series Encryptors) provide highly secure, full line-rate transparent encryption for data moving across both dark fibre and metro / wide area Ethernet networks; in point-to-point, hub & spoke or meshed environments.

The CN6000 Series are rack-mounted, high-speed encryptors for business-critical applications; offering 1Gbps to 10Gbps bandwidth speeds. They are the optimal choice when you require:

  • Efficient, investment-proof data encryption
  • Multi-purpose, in-field upgradable and flexible hardware
  • Choice of Common Criteria,and FIPS certifications
  • Compact 1U form factor with advanced performance and power features.

Senetas’ CN (and CV) Series encryptors include integrated support for SafeNet KeySecure (Gemalto’s centralised cryptographic key management solution) that provides maximum security for the storage of master keys, the integrity of security policies and the source of entropy for the generation of cryptographic keys.

CN6000 Key Features

Model CN6010 CN6040 CN6040 CN6100
Network Protocol Ethernet Fibre
Channel
Ethernet Ethernet
Maximum Speed 1Gbps 1-4 Gbps 1Gbps 10Gbps
Ethernet point-to-point, hub & spoke, mesh full-duplex encryption N/A
Protocol and application transparent
Common Criteria EAL2+ certified
FIPS 140-2 L3 certified
Low overhead full duplex line-rate encryption
Front panel access for all interfaces
Ultra low latency for high performance
Support for external (X,509v3) CAs
Robust AES encryption algorithm
CRL and OCSP server support
Automatic key management
Flexible encryption policy engine
Encrypts Unicast, Multicast and Broadcast traffic N/A
Network interfaces RJ45 SFP SFP RJ45 SFP XFP
Policy based on MAC address or VLAN ID N/A
Support for Jumbo frames N/A
Self healing key management in the event of network outages
Per packet confidentiality and integrity with AES-GCM encryption N/A pending
Fibre Channel point-point encryption N/A N/A N/A
Automatic network discovery and connection establishment
Centralised configuration and management using CM7 and SNMPv3
AES 128 or 256 bit keys 128/256 256 128/256 128/256
Remote management using SNMPv3 (in-band and out-of-band)
Encryption modes CFB
CTR
GCM
CFB CFB
CTR
GCM
CFB
CTR
GCM
FPGA based cut-through architecture
Tamper resistant and evident enclosure
Anti-probing barriers
Dual swappable AC or DC power supplies
Flexible encryption policy engine
User replaceable fans and battery module
Fully interoperable with related CN/CS models
Latency – microseconds per encryptor (typical for IPv4 traffic with 64-1518 octet frames) < 10 @ 1Gbps
< 50 @ 100Mbps
< 650 @ 10Mbps
<1 < 10 @ 1Gbps
< 50 @ 100Mbps
< 650 @ 10Mbps
<5
SNMPv1/2 monitoring (read-pnly)
NTP (time server) support
In-field firmware upgrades