Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

KG-255X - ViaSat

advertisement 
KG-255X*
2-Gbps IP Network Encryptor for TS/SCI
»»Minimize Network Overhead and Simplify Configurations
with Embedded OSPF/PIM
»»Software-Upgradable to Host Future Cybersecurity
Requirements
»»Real-Time Security Monitoring and Visualization
»»Low SWaP—Two Fit Across a 1U Rack
»»NSA-Certified Type 1 HAIPE®
Cyber adversaries are getting smarter, finding ways
around traditional perimeter protection and exploiting
vulnerabilities in siloed network security. The ViaSat
KG-255X combines NSA-certified Type 1 HAIPE network
encryption with the latest cyber defense technologies
and visualization software, so you can securely
communicate over IP and gain actionable intelligence
on your network security posture.
Leveraging 2 Gbps aggregate processing power
and a software-programmable architecture, this
high-availability security appliance delivers trusted
protection for your enterprise network or data center.
With the ability to host a wide range of networking and
cybersecurity applications within its high-assurance
boundaries, such as Open Shortest Path First (OSPF)
and Protocol Independent Multicast (PIM), the ViaSat
KG-255X can help reduce your network overhead
and seamlessly integrate remote red networks. Using
the IPMEIR protocol (in Suite B), you can also bridge
commercial and classified networks to improve your
overall quality of service.
By distributing the ViaSat KG-255X throughout
your network, device, peer, and contextual data is
transformed via integrated visualization software so
you can immediately identify and respond to cyber
threats, all with a few clicks of your mouse.† This
exclusive quality of trust visualization is interoperable
with existing security infrastructure, including standard
security information event management (SIEM)
interfaces, to enable streamlined network security
management and out-of-band reporting.†
*NSA certification pending. †Future capability available via software upgrade.
KG-255X AT-A-GLANCE
Actionable Cybersecurity Intelligence
»»Integrated software provides a real-time, actionable
view of your network security posture
»»Remotely monitor and manage appliances, including
other HAIPE devices, with VINE Manager™ software
»»Out-of-band reporting and interoperability with
standard SIEMs†
Enhanced Networking Capabilities
»»Embedded OSPF and PIM routing
»»High performance in VoIP applications
»»Embedded TCP/IP accelerator (xPeP)
»»Multicast video on demand
Suite Agile and HAIPE IS Compliant
»»Suite A and/or Suite B
»»HAIPE IS v4.1 and v3.1.2 compliant
»»HAIPE-to-HAIPE over the air/net keying
»»Fully FI compliant with software and key material
source authentication and programmability
»»Usable by coalition allies and Department of
Homeland Security
»»Supports multiple Communities of Interest (COIs)
and segregation via exclusion keys
Crypto-Modernization Centric
»»Programmable encryption
»»Key and algorithm agile per packet
»»Device generated shared key (DGSK) and EKMS/
KMI compliant
Managed Services and Leasing Options
»»Software-maintainable to adapt to evolving
cybersecurity requirements
»»Upgradable to host additional cybersecurity
applications
»»5-year appliance warranty
(extended options available)
»»INE trade-in program available
»»Free training and 24/7 technical support
ViaSat KG-255X*
SPECIFICATIONS
NETWORKING FEATURES AND PROTOCOLS
RELIABILITY AND MAINTENANCE
Protocols SupportedTCP, UDP, IPv4/IPv6 Dual Stack, ICMP, IGMP,
ARP, DHCP, PIM
Networking FeaturesDynamic IP addressing, dynamic key management,
red address confidentiality with dynamic peer
discovery, embedded OSPF routing, support for
“JUMBO” Ethernet frames
Management
SNMP & HTTPS browser-based management,
VINE Manager
MulticastIGMP on red and black subnet
Quality of Service (QoS) Type of service octet bypass
FragmentationSupports fragmentation and header options for red
IP packets
Predicted MTBF250,000 hr
Predicted MTTR15 min
Other
Extensive power up and online BIT
NETWORK INTERFACES
Plaintext Data Interface
»» Electrical/MechanicalIEEE 802.3; copper RJ-45 SFP 10/100/1000
Base-T, IEEE 802.3; optical SFP 1000 base-SX,
LX, ZX, various connector styles (LC, MT-RJ)
Ciphertext Data Interface
»» Electrical/MechanicalIEEE 802.3; copper RJ-45 SFP 10/100/1000
Base-T, IEEE 802.3; optical SFP 1000 base-SX,
LX, ZX, various connector styles (LC, MT-RJ)
Management Interface
»» Electrical/Mechanical IEEE 802.3; 10/100/1000 Base-T; copper RJ-45
Future InterfacesSupports up to three plaintext and three
ciphertext ports
COMSEC CHARACTERISTICS
Algorithm AgileIPMEIR, Type 1 Suite A and/or Suite B (AES-EFF)
cryptography
Key Fill InterfaceDS-101
Flexible KeyingModular, Crypto Ignition Key (removal to
unclassified CCI), EKMS, unclassified/classified
DGSK, IKEv2/ECDH, software-upgradeable to
KMI OTNK†
PHYSICAL
Dimensions (W x H x D) 7.9 x 1.5 x 12.5 in.
Weight9 lb
Power
40 W; 12 to 28 VDC;
MIL-STD-1275E; MIL-STD-704F
Battery
E xternal user replaceable battery, one “1/2AA”
lithium cell, 3.5 year operating life typical
ENVIRONMENT
Operating Temperature -40° to 60° C
Storage Temperature -40° to 71° C
Humidity
To 95% MIL-STD-810G, Method 507.5
Altitude
50,000 ft operational; 70,000 ft storage;
MIL-STD-810G, Method 500.5
Vibration
MIL-STD-810G, Method 514.6, Category 4
Shock
MIL-STD-810G, Method 516.5
EMI/EMC
MIL-STD-461E
Rain
Blowing rain MIL-STD-810G, Method 506.5
Sand/DustMIL-STD-810G, Method 510.5
FungusMIL-STD-810G, Method 508.6
Salt FogMIL-STD-810G, Method 509.5
CERTIFICATION
NSA Certified for TS/SCI and below
TEMPEST Compliant NSTISSAM 1/92 Level 1 Ordering information
ORDERING INFORMATION
Part Number1195064
Available for Order Through IDIQ and ViaSat
REAL-TIME SECURITY MONITORING AND VISUALIZATION
SECURE OPERATIONS CENTER
SIEM
ViaSat Cybersecurity
Visualization Software
High-Side
Network
ViaSat KG-255X
Low-Side
Network
CONTACT
SALES
TEL 888 842 7281 (US Toll Free) or +1 760 476 4755
FAX +1 760 683 6815
EMAIL insidesales@viasat.com
WEB www.viasat.com/secure
Copyright © 2012-2015 ViaSat, Inc. All rights reserved. ViaSat, and the ViaSat logo are registered trademarks of ViaSat, Inc. VINE is a trademark of ViaSat, Inc. HAIPE is a registered trademark of the National Security Agency.
All other trademarks mentioned are the sole property of their respective companies. Specifications and product availability are subject to change without notice. The Type 1 encryption provided by this High-speed IP Encryptor
is part of the Department of Defense “Defense In Depth” strategy. Type 1 encryption is only one portion of the overall defense in depth. A comprehensive network Information Assurance strategy involving “Defense In Depth” is
required to ensure secure and reliable protection for sensitive and classified information. *NSA certification pending. †Future capability available via software upgrade. 030-150916-023
Related documents
KG-250XS
KG-250XS
SEC-1140V
SEC-1140V
V i a S a t M a... Daryl Hunter
V i a S a t M a... Daryl Hunter
Manufacturer`s Certificate of Environmental Conformance
Manufacturer`s Certificate of Environmental Conformance
Cybersecurity Best Practices for Distributed Energy Grids CASE STUDY
Cybersecurity Best Practices for Distributed Energy Grids CASE STUDY
VDC-600 - ViaSat
VDC-600 - ViaSat
C-17 Fixed Installation Satellite Antenna Terminal
C-17 Fixed Installation Satellite Antenna Terminal
RT-1829(P)/S
RT-1829(P)/S
The ViaSat Data Controller 550
The ViaSat Data Controller 550
MIDS-LVT(2)/(11)/(12)
MIDS-LVT(2)/(11)/(12)
Cellular Network Extension System
Cellular Network Extension System
RF Signal Environment Generation
RF Signal Environment Generation
Download
advertisement