Thales Norway AS
NISnet Kick-off
UiB 10. oktober 2007
Leif Nilsen
Thales Norway AS
Thales
 Internasjonalt konsern med
hovedkontor i Frankrike
 68 000 ansatte i tre forretningsområder
 Omsetning >10.2 milliarder Euro (2006)
Defence
Thales Norway
 Heleid datterselskap med 185 ansatte
 Kontorer i Oslo, Trondheim og Stavanger
 Produktutvikling, systemintegrasjon, tjenester
Aerospace
 Største produktområder

Sikkerhetsløsninger – krypto - MMS

Kommunikasjonsnettverk
Thales Norway er verdensledende på leveranser
av High Grade krypto til NATO (-land)
1
Thales Norway AS
Security
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
Thales
EKMS
TCE 621
2002
TCE 611
TCE 500
TCE 300
KTP 3
1999
1997
1993
TVPN
1987
TCE 520
1978
RACE
1970
1967
TCE 160
Cryptel 265
1963
ETCRRM
1960
Cryptel 245
1956
Cryptel 240
Selma
2
Thales Norway AS
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
Historical Product Overview - Security
 High grade crypto device for IP based
data networks

Approved by Norwegian National
Security Authorities for all security levels

Approved by NATO for all security levels
TCE 621 - 10 Mb/s
– including Cosmic Top Secret
 7000 units sold

TCE 621/B - 100 Mb/s –
TCE 621/C - 1 GB/s
Used in national networks in 21 countries
 Prepared for Dual Algorithms / national
adaptation and evaluation
 Main functions (TCE 621, TCE 621/B & TCE 621/C)

TCE 621 the NATO standard
IP crypto equipment





3
Thales Norway AS
Supports both IPv4 and IPv6
Electronic and/or manual key distribution
Removable crypto ignition key
Tamper protected case
Tempest according to AMSG 720B
NATO approved crypto algorithm
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
Cryptel®-IP family
TCE 621
(GEN-1-17)
 Data rate
10 Mbps
TCE 621
generation
Characteristics as
1st generation
 Throughput
>6 Mbps
4
Additional features
 Internal power
 Multicast
 AUI interface
 Redundancy
 NATO approved
for CTS
 NAT / UDP encaps.
 Selected as
NICE
 SW upgradeable
locally
Thales Norway AS
TCE 621/B
TCE 621/C
2nd
 ACR load
 Fully compatible with  Fully compatible with
10 Mbps version
10 Mbps version
 Data rate
 Data rate
10/100 Mbps
 Throughput
~100 Mbps
~100.000 pps
 External power
 Ethernet / Fibre
interface
 Approved for Secret,
target CTS
 Central SW upgrade
 Prepared for
new/dual algorithms
10/100/1000 Mbps
 Throughput
>300 Mbps
~100.000 pps
 External power
 Ethernet / Fibre
interface
 Approved for
Secret, target CTS
 Central SW upgrade
 Prepared for
new/dual algorithms
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
Cryptel®-IP family components
Cryptel®-IP family today
Security Management Center
TCE 621 KP
TCE 621 FE
TCE 621/B
Out of area
operations
TCE 671
Multicast
TCE 621
QoSrouter
TCE 621
Redundancy
TCE 621
Wide Area
Network
(WAN)
TCE 621/B
NATtraversal
Network manager
interface
5
Thales Norway AS
Host
protection
Examples of available functionality
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
Tactical
networks
eCustodian System
KPE
ADS server
MMHS client
MMHS
Server
ADS client
TCE 621
IP network
TCE 621
TCE 621
ADS server
MMHS client
ADS server
MMHS client
SubDA
LDA
KPE
KPE
6
DTD
Reproduction PC
Thales Norway AS
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
NDA
Key
Production
Equipments
Secure
Radio and
Telephone
Switching
Non-secure
Radio and
Telephone
Switching
VCF
MFT
OTA
LAN
Telephone
Network
LAN
VCF
Radio
Transmission
Network
MFT
Remote
Radio
OTA
Local
Radio
Crypto
Crypto
Crypto
unit
unit
unit
Secure switching
network
7
Thales Norway AS
Non-secure switching
network
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
OTA i VCS
 Cross Domain Solutions (CDS)

Information exchange between security domains


Trusted platforms, MLS (MILS), Content/role based access
Object labelling, XML security
 Flexible and dynamic infrastructure

Protected Core Networking (PCN)

Prevention of unauthorized traffic

End-to-end QoS
Extended core, Object level protection

 Key management

8
Number of keys, flexibility and speed
Thales Norway AS
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
NNEC challenges
 Implementasjon med maksimal tillit (assurance)
 Design for evaluering
 Fleksible implementasjoner
 Interoperabilitet
 SCIP
 HAIPE
 EKMS
 Høyhastighetskrypto (> 10 Gbps)
 Nettverksutfordringer (NEC, AdHoc)
 Dual Mode
9
Thales Norway AS
This document is the property of Thales Group and may not be copied or communicated without written consent of Thales
Aktuelle problemstillinger