Instruction/ maintenance manual of the product DATACRYPTOR 1270A450-005 Thales
Go to page of 134
Datacryptor ® Ethernet User Manual 1270A450-005 June 2008.
Datacryptor Ethernet User Manu al Preface Page 2 THALES.
Datacryptor Ethernet User Manu al Preface 1270A450-005 - June 2 008 Page 3 Contents 1 Prefac e ............................................................................................................................................ 5 Trademark Ackn owledgem ents .
Preface Datacryp tor Ethernet User M anual Page 4 THALES Configure Dialog ...................................................................................... 43 Key Manager ...........................................................................
Datacryptor Ethernet User Manu al Preface 1270A450-005 - June 2 008 Page 5 1 Preface Trad emark Ackn owledgem ents Datacryptor i s a tradem ark of Thales e-Secu rity. Microsoft Windows ® XP an d Wind ows ® 2003 are registered trademarks of Microsoft Corporation.
Preface Datacryp tor Ethernet User M anual Page 6 THALES License Agreement and General Inform ation THALES e-SECU RITY LTD. (" THALES") COMPU TER PROGRAM LICE NSE AGREEMEN T YOU SH OUL D CARE FULLY READ T HE FOL LOWI NG TE RMS AND C ONDI TION S OF THI S LICE NSE AG REE MENT (t he "AGREEMENT" ).
Datacryptor Ethernet User Manu al Preface 1270A450-005 - June 2 008 Page 7 LIMITED WARRANTY The following limited warranty applies only to the Software and/or Firmware licensed hereunder. The hardware Machine is warranted pursuant to a separate Warranty set fort h in the Machine documentation.
Preface Datacryp tor Ethernet User M anual Page 8 THALES The government agrees that it shall be bound by the terms and conditions of this license agreement, to the maximum extent possible under federal la w.
Datacryptor Ethernet User Manu al Preface 1270A450-005 - June 2 008 Page 9 Secu rity Advi sory This unit is being ship ped with a U niversal Ce rtificate Aut hority that is to be use d for demonstration p urposes only. USE OF THE DEVICE, AS INITIALLY CONFIGU RED, IN AN OPERA TIONAL EN VIRONME NT IS NOT REC OMMEND ED.
Preface Datacryp tor Ethernet User M anual Page 10 THALES Contact Inform ation SALE S OFFI CES Ame ricas THALES e-Security, INC 2200 North Commerce Parkway Suite 200 Weston, Florida 33326 U.S.A. Tel: +1 954 888 6200 Fax: +1 954 888 6211 Toll free within USA: +1 888 744 4976 e-mail: sales@thalesesec.
Datacryptor E thernet User Manu al About This Docu ment 1270A450-005 - June 2 008 Page 11 2 About This Document Viewin g th is docum ent in Adob e Acroba t PDF V iewer It is recommended t hat this PDF document is viewed at 100% size with text smoothing adjuste d to suit y our monitor.
About This Document Datacryptor Ethernet User Manual Page 12 THALES This ma nua l is organ ized int o th e follo wing se ctions : Overview provides ge neral informat ion on the hardware an d software. Backgroun d Informat ion provides a brief introduction to the device and Et hernet Layer 2 technology and terminology.
Datacryptor Ethernet User Manu al Overview 1270A450-005 - June 2 008 Page 13 3 Overview The Thal es Datacryptor E thernet is a high speed , high bandwidth, integrated security appliance.
Overview Datacryptor Ethernet User Manu al Page 14 THALES Figu re 3-3: Thale s Datacr yptor 1 Gig Eth erne t Front Pa nel Fig u re 3-4: Datacryptor 1 Gig Ethernet Rear Pa nel Fig u re 3-5: Thales Dat .
Datacryptor Ethernet User Manu al Overview 1270A450-005 - June 2 008 Page 15 Product Features Installat ion • M ount in any standard 19” rack or on a tabletop Interfaces • The 100 M b Ethernet h.
Overview Datacryptor Ethernet User Manu al Page 16 THALES Element Manager The El ement Manager ap plication pro vides a secure w ay to conf igure, m anage, and upgrad e the Datacryptor Ethernet. The program runs under various versi ons of Microsoft Windows operating systems.
Datacryptor Ethernet User Manu al Background Information 1270A450-005 - June 2 008 Page 17 4 Background Information Datacryptor Ethernet Unit The Thal es Datacryptor E thernet units are hi gh performance, in tegrated secu rity appliances that provide encr yption at high line sp eeds.
Background Information Datacryp tor Ethernet User Manu al Page 18 THALES Authe ntic ate Manag ement D ata - The Datacry ptor Ethernet us es the HMAC keyed hash vari ant of the S HA-1(S ecure H ash Algori thm) to authen ticate m anagem ent da ta using S NMP v3 .
Datacryptor Ethernet User Manual Installation 1270A450-005 - June 2 008 Page 19 5 Installation This section will de tail the insta llation of the hardware and software.
Instal latio n Datacry ptor Eth ernet Us er Manu al Page 20 THALES Airflow Make s ure th at ther e is su ffici ent flow of ai r aroun d the D atacryp tor so that s afe op eration is not compro mised. Maintain a clearance of at least 3 inches (7.62 cm) at the side s of the Datacryptor to ensure ad equate air inta ke and exhaus t.
Datacryptor Ethernet User Manual Installation 1270A450-005 - June 2 008 Page 21 Port Cabling Supplie d By Network a nd Host Port For the 100 Mb Et hernet unit : Category 5 or above RJ-45 connector. For the 1 Gig and 10 Gig Et hernet units : De penda nt on the SFP s or XFP s ordered with th e unit.
Instal latio n Datacry ptor Eth ernet Us er Manu al Page 22 THALES Figure 5- 1: Datacryptor Panel Connectors (The 100 Mb Ethernet unit’s management ports are located on the front panel) Power on th e Datacryp tor The Data cryptor soft ware is factory-in stalled on the applia nce.
Datacryptor Ethernet User Manual Installation 1270A450-005 - June 2 008 Page 23 4. On the Da tacry ptor’s r ear panel , plug the p o wer cords into the power receptacles. Attach the opposite ends t o a power source. The pow er LED illuminates when th e unit is powered up .
Instal latio n Datacry ptor Eth ernet Us er Manu al Page 24 THALES • T he PC must have a pointi ng device (mous e), a CD ROM drive, a free s erial port, and at least 228 Mb hard disk space (for the software and data files).
Datacryptor Ethernet User Manu al Connecting to Datacryptor Ethernet Units 1270A450-005 - June 2 008 Page 25 6 Connecting to Datacryptor Ethernet Units There ar e three m ethods of conn ecting to the Da tacryp tor Ethern et uni ts: Elem ent Man ager, serial connection to CLI, and SNMP.
Connecting to Datacryptor Ethernet Units Datacryp tor Ethernet User Manual Page 26 THALES 2. Open a term inal session throu gh a VT-100 termin al emulation program such as HyperTerminal.
Datacryptor Ethernet User Manu al Connecting to Datacryptor Ethernet Units 1270A450-005 - June 2 008 Page 27 7. At the IPCONFIG > prompt, type: SET <port> <ip address> <sub net mask&.
Connecting to Datacryptor Ethernet Units Datacryp tor Ethernet User Manual Page 28 THALES 5. Click on the short cut to launch the connection. 6. Select t he Properties button. 7. On the General tab confirm correct connection. 8. Click Configure button and use the menu to set th e maxim um con nection s peed of 115200 bps.
Datacryptor Ethernet User Manu al Connecting to Datacryptor Ethernet Units 1270A450-005 - June 2 008 Page 29 4. Select t he unit type as Datacryptor and enter the IP address of the Da tacryptor Eth ernet unit. Press Ente r or select Next to cont inue.
Connecting to Datacryptor Ethernet Units Datacryp tor Ethernet User Manual Page 30 THALES 5. Selec t the con nection type for th e Datacr yptor E thernet u nit; pres s Enter or click on Next to con tinu e.
Datacryptor Ethernet User Manu al Connecting to Datacryptor Ethernet Units 1270A450-005 - June 2 008 Page 31 8. Now, d ouble-c lick on the new Datac ryptor icon to connect to it.
Connecting to Datacryptor Ethernet Units Datacryp tor Ethernet User Manual Page 32 THALES 10. You can login to it by using the Login button, and manag e it by us ing the View Logs, Prop erties and License Managem ent buttons. The manag ement facilities are described in Element Manager Reference section below.
Datacryptor Ethernet User Manu al Connecting to Datacryptor Ethernet Units 1270A450-005 - June 2 008 Page 33 This provides a mechanism for another appli cation (e.g. an SNMP network m anager) to invoke the Front Pane l Viewer for a specified Da tacryptor unit.
Element Manager R eference Datacryptor Ethernet User M anual Page 34 THALES 7 Element Manager Reference The Elem ent Manager consis ts of the follow ing components: • The Main Windo w • T he Front.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 35 Main Window Pull-down Menus The pull- down menus are: Fil e , Edit, View, Tools and Help. File The foll owing options ar e availabl e from the File pull-down menu: Menu Option Description New Un it Add a new Datacry ptor un it to the w indow .
Element Manager R eference Datacryptor Ethernet User M anual Page 36 THALES Tools The foll owing options ar e availabl e from the Tools pull- down menu: Menu Option Description View Audi t Log Display an audit log of all changes made usi ng the Elem ent Manager.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 37 To conn ect t o a Dat acrypt or unit : 1. Double-click its icon. 2. Once the connection has been m ade, the Fron t Panel Viewer will be dis played showing information rea d from the unit.
Element Manager R eference Datacryptor Ethernet User M anual Page 38 THALES Front Panel Viewer A splash scr een is displa yed when you a ttempt to connect to a Datacryptor Ethe rnet unit. This proces s shou ld norm ally com plete with in a few seconds bu t might take u p to one m inute.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 39 100 Mb Ethernet Front Panel Viewer 1 Gig Ethernet Front Panel Vi ewer.
Element Manager R eference Datacryptor Ethernet User M anual Page 40 THALES 10 Gig Ethernet Front Pa nel Viewer The manage ment faci lities are p rovided by the View Logs and Prop erties button s.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 41 • Beneath the front panel diagra m are five large bu ttons that prov ide direct access to manage ment facilities (see the Front P anel Vi ewer butto ns section below).
Element Manager R eference Datacryptor Ethernet User M anual Page 42 THALES Fast Flash Link Down Slow Flash Not used Off Loss of Signal, Loss of Synchronization The F ront P anel Vi ewer b uttons The .
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 43 • Help : The Help button la unches the he lp application disp laying the he lp file for t he dialog. • Close : The Close bu tton closes the Front P anel Viewer.
Element Manager R eference Datacryptor Ethernet User M anual Page 44 THALES Extend ed files, includin g those th at have been au tomati cally up graded, shou ld not be us ed in previous ve rsions of the Front Panel Viewer as that could make them un usable in this c urrent version.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 45 The user w ill be blocked from further attem pts for this time.
Element Manager R eference Datacryptor Ethernet User M anual Page 46 THALES When th e directo ry is s et to read- only the F ront P anel View er will di sable the C onfigu re button . Key Manager As previ ously stated when the D atacryptor E thernet unit i s supplied f rom the Manu facturer, Thales e -Security provides t he CA that is loa ded.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 47 2. Click the Comm ission button a t the top of the di alog.
Element Manager R eference Datacryptor Ethernet User M anual Page 48 THALES Step 1 : Install ing a new Certi ficate Au thority (CA) Units are normally delivere d under the control of the manu facturer CA (DC2K Manufactu rer), with the Universal CA av ailable on disk ; this dialog allows you t o transfer control t o a different custom CA: 1.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 49 Step 2: Ins talling the authenti cating CA: Inser t the dis kette con tainin g the auth enticati ng CA' s .CA fil e and enter the path to the .CA f ile (or us e the Brow se bu tton to fi nd it).
Element Manager R eference Datacryptor Ethernet User M anual Page 50 THALES Step 3: Setting the uni t name: Each D atacryp tor Ethern et uni t withi n a User Grou p must h ave a diff erent nam e.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 51 Step 4: Generating a Certi ficate: 1. Enter the pa th to the .
Element Manager R eference Datacryptor Ethernet User M anual Page 52 THALES 1. Click Finish to begin the com missioning proces s, which w ill take a few seconds. 2. When commi ssioning has co mpleted, conf irm that the Datacrypt or unit's LEDs a re flashing (which indicates that the unit has been commissioned successfully).
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 53 Login Dialog This dial og is displayed when you select the Login button f rom th e Fron t Pane l View er, to l ogin to gain access t o the unit management facilitie s.
Element Manager R eference Datacryptor Ethernet User M anual Page 54 THALES Logs Window The D atacry ptor E therne t moni tors n etwo rk oper at ions and records infor mation in an audit log abou t network events o r operati ons sp ecific to a device.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 55 • Tr ace: A report of internal software conditions detected by the uni t, these are not hardware errors bu t may help support pe rsonnel understand unusual operational conditions.
Element Manager R eference Datacryptor Ethernet User M anual Page 56 THALES Properties Dialog The Prop erties dial og is displayed when you s elect the Pr operti es butto n in the F ront P anel Viewer. T he image show n on the di alog will ref lect the mod el of Ethernet D atacryptor tha t you are using.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 57 Each of the tabs will now be described in t urn. The Gene ral Tab The prop erties on th e Genera l tab control th e general behav ior of the u nit.
Element Manager R eference Datacryptor Ethernet User M anual Page 58 THALES Cable dete cted : the types of cable connected to the u nit. Save : stores the cu rrent properties in a named file, which can then be loaded using the Load button (for ex ampl e, to res tore the s ettings after a unit has been re set to f actory defaul ts).
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 59 The Diagnost ics Ta b The Diagnostics tab will provide a range of diagnostic ai ds. Current ly, it provide s two diagnost ic facilities: Reboot: click this butt on to reboot the unit as if it had been t urned off and on again.
Element Manager R eference Datacryptor Ethernet User M anual Page 60 THALES Er as e: click this button to era se the unit’s Key ma terial. Basic un it Configur ation will not be lost, i.e. the unit can still be ma naged remote ly once the unit ha s re-booted.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 61 Note: The loopb ack mode is regard ed as a transien t feature i ntended pu rely as a n aid to troubleshooting. Therefore w hen the unit is rebooted the loopb ack options are set to Disabled .
Element Manager R eference Datacryptor Ethernet User M anual Page 62 THALES Conf igurin g SN MP Datacryptor units record al l significant managem ent and error events in their logs for later examinati.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 63 − E nter the Location and Contact information for t his unit. Both edit boxe s accept spaces and alphanumeric characters. There is a limit of 255 characters for each field.
Element Manager R eference Datacryptor Ethernet User M anual Page 64 THALES 5. Click OK to add the c ommu nity. To edit a n SNMP commu n ity: Select th e entry to edit by clicking on it, a nd then click t he Edi t butto n. To delete an S NMP community: Select th e entry to delete by clicking on it, and t hen click the De let e button .
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 65 Traps Tab The Traps tab lists t he details of each SNMP tr ap that has been defined for this unit , and p.
Element Manager R eference Datacryptor Ethernet User M anual Page 66 THALES − Trap Addr ess : Type the IP address of the SNMP trap manager. − Community : T his field is unu sed because th e unit only issu es SNMP Version 3 trap s. You c an set this field to any value w ithout aff ecting beh avior of trap issu ance.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 67 Add ing SNMPv 3 Tra p Ma nager s: When us ing SNMPv3 y ou are able to specify whether the repo rts will use authen tication alone, or authentication and privacy combined, or no security at all.
Element Manager R eference Datacryptor Ethernet User M anual Page 68 THALES.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 69 To edit an SNMP trap m anager: 1. Select th e entry to edit by clicking on it, a nd then click t he Edi t butto n. 2. Edit t he entries in the Edit Trap Mana ger dialog as r equired, an d then click OK .
Element Manager R eference Datacryptor Ethernet User M anual Page 70 THALES IP Route Co nfig Selecting thi s button on the Pr operties - IP Managem ent tab will display the IP routes dialog detailing .
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 71 The Security Tab The prop erties on the Security tab control crucial aspects of the security of the Datacryptor unit. They are as foll ows: • KEK : the longes t time th at the u nit will use a KEK fo r, in day s, hours, minu tes.
Element Manager R eference Datacryptor Ethernet User M anual Page 72 THALES • Disable Key E xchanges : check thi s box to di sable all key exchan ges other than tho se required to make a secure connec tion. (Thi s disables the prev ious 4 control s until you unche ck it .
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 73 The RIP Tab The R IP tab s ets up the prop erties o f the Rou t ing I nform ation Pr otocol (R IP) and co nfigur es the way Rip mess ages are sent to o ther routers.
Element Manager R eference Datacryptor Ethernet User M anual Page 74 THALES • RIP 2 (br oadcast) - this se ts the Da tacry ptor to b e com patible w ith RIP versi on 2 bu t uses the broadc ast mod e. Some n etworks th at are u sing RIP 1 may wan t to use R IP 2 but not u se mul ticast tra nsmissio ns.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 75 The Ethe rnet Comm Tab for 1 and 10 Gigabit Da tacryptor s The proper ties on the E thernet Comm tab control the communic ations setting s of the Datacryptor u nit.
Element Manager R eference Datacryptor Ethernet User M anual Page 76 THALES The unit can be rebooted u sing the opti on available on th e Diagnostic tab Interfa ce Mode - Allows the Host and network interf aces to be sw itched Up/Dow n. Laser Mode - Allo ws the Host and network Lasers to be individually switche d On/Off.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 77 The Ethe rnet Comm Tab for 100 M b Datacryptor The proper ties on the E thernet Comm tab control the communic ations setting s of the Datacryptor unit. They are as foll ows: Mode - Selects one of two options for the transmission mode.
Element Manager R eference Datacryptor Ethernet User M anual Page 78 THALES The unit can be rebooted u sing the opti on available on th e Diagnostic tab Interfa ce Mode - Allows the Host and network interf aces to be sw itched Up/Dow n. Link Mode - Allows the Host and network connections to be indivi dually switched On/Off.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 79 The Et hernet E ncryption Ta b The Eth ernet Encr yption ta b shows the Cur rent En cryp tion mod e in use by the unit. Target E ncryption m ode : Th is allow s you to s elect the targe t or requ ired enc ryptio n mode using the dr op down menu .
Element Manager R eference Datacryptor Ethernet User M anual Page 80 THALES The E xpert Tab The Et hernet Expe rt ta b allows t o Enable CTS Mod e . The Eth ernet Expert tab is not sho wn when using t he 10Gig Ethernet unit since CTS mode is a lways enable d for the 10Gig Et hernet unit.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 81 The Et hernet Tunne ling Ta b The Ether net T unneling tab will only be present when Tunneling mod e is selected on t he Ethernet Comm tab.
Element Manager R eference Datacryptor Ethernet User M anual Page 82 THALES This is ente red by select ing the Change button, the foll owing dialog is show n. Enter the re quired add ress in the box es shown. Movem ent between th e boxes can be achi eved by usi ng the mou se or the tab and shif t tab ke y combinations.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 83 This giv es the op tion of setting a m aximum of four rules o n both the H ost to N etwork an d Network to Host ports. Se lecting t he New Rule button w ill open the Fil ter R u le dialog.
Element Manager R eference Datacryptor Ethernet User M anual Page 84 THALES MAC Address The destination a nd source addresses are standa rd MAC addresses with the added opt ion of using the *w ildcard character (s ee below) to enab le a range of addres ses to be identi fied.
Datacryptor Ethernet User Manu al Element Manager Referen ce 1270A450-005 - June 2 008 Page 85 The perm issibl e range for Fragmentation Size is: • Gigabit Ethernet : 0 = no fragmentation, 256 ≤ Fragmentation Size ≤ 16300 • 10/100 Mb Ethernet : 0 = no fragmentation, 256 ≤ Fragm entation Size ≤ 2000.
Appendix A: De vice Maintena nce Datacryptor Ethernet User Manu al Page 86 THALES Appendices Appendix A: Device Maintenance Periodically perform maintenance on your Datacry ptor. • Keep components f ree of dust and other particu late matter. • Check f ans for reduced airfl ow caused by dust bui ld-up and clean as neces sary.
Datacryptor Ethernet User Manu al Appendix A : Device Mainte nance 1270A450-005 - June 2 008 Page 87 a locked eq uipment clos et provides a more secu re environment than an open se rver room . At a minimum, we recommended t hat the unit ’s physical int egrity be checke d monthly.
Appendix B: Loading Datacryp tor Unit Software Datacry ptor Ethernet User Manual Page 88 THALES Appendix B: Loadin g Datacryptor Unit So ftware Datacryptors are factory pre- loaded with the r equ ired ‘applic ation’ soft ware and protocol data.
Datacryptor Ethernet User M anual Appendix B: Loading Datacry ptor Unit Software 1270A450-005 - June 2 008 Page 89 3. Selec t the COM port tha t the Datac ryp tor is co nnected to , usi ng the pull down me nu. This is COM1 by default. 4. If the D atacryp tor appl ication i s already runni ng, you m ay choose th e Ether net radi o button .
Appendix B: Loading Datacryp tor Unit Software Datacry ptor Ethernet User Manual Page 90 THALES 4. The Im age Loader may also perform other "hou sekeeping" tasks such as gen eration of correct Ethernet addre ss and IP addresses use d by later soft ware, if the se are missing.
Datacryptor Ethernet User M anual Appendix B: Loading Datacry ptor Unit Software 1270A450-005 - June 2 008 Page 91 Operations during Ethernet Code Loading The follo wing operations are only appl icable if you are using a n Ethernet connect ion for loading.
Appendix B: Loading Datacryp tor Unit Software Datacry ptor Ethernet User Manual Page 92 THALES 2. Once the har dware has been v alidated, select the Image Load er file ( .ilf file) con taining the Da tacrypto r appli cation im age (e.g. dc2k.ilf ). Se lect the file a nd click OK .
Datacryptor Ethernet User M anual Appendix B: Loading Datacry ptor Unit Software 1270A450-005 - June 2 008 Page 93 3. Image Load er will begin uplo ading the code contained in the Image Lo ader file.
Appendix B: Loading Datacryp tor Unit Software Datacry ptor Ethernet User Manual Page 94 THALES Comp letin g the Uplo ad 1. Progress of the load is shown via the Upload Progress bar and you will be notified when this is finis hed.
Datacryptor Ether net User Manual Appendix C: Product Specifica tions 1270A450-005 - June 2 008 Page 95 Appendix C: Product Specifications Syst em Spe cifica tions Interfa ces - Host and net work port.
Appendix D: Environm ental & Regulatory Datacry ptor Ethernet User Manu al Page 96 THALES Appendix D: Environmental & Regulatory Env ironment al Sp ecifi catio ns Description Value Temperature.
Datacryptor Ethernet User M anual Appendix D: Environm ental & Regulatory 1270A450-005 - June 2 008 Page 97 Interfer ence-Causing Equipment Stan dard Compliance Notice (Canada) "This Class B d igital apparat us meets all re quirements of the Ca nadian-interfere nce causing Regulat ions.
Appendix E: SFP and XF P Interfaces Datacryptor Ethernet U ser Manual Page 98 THALES Appendix E: SFP and XFP Interfaces The Datacry ptor 1 Gig Ethernet u nit is suppli ed with Sm all Form Facto r Pluggab le (SFP) interfaces (see above), using singl e-mode fiber or mu lti-mode fiber (M M SPF), as specified at the time of ordering.
Datacryptor Ethernet User Manu al Appendix F: Preventing E lectrostatic Di scharge 1270A450-005 - June 2 008 Page 99 Appendix F: Preventing Electrostatic Discharge Electrostati c discharge (ESD ) can damage electroni c components and equipmen t.
Appendix G: Troubleshooting Da tacryptor Ethernet User Manual Page 100 THALES Appendix G: Troubleshooting This appendix is provided to aid you in de termining basic prob lems with your Thale s Datacryptor Ethe rnet unit. If you cannot resolve the problem using this troubleshoot ing guide, please contact T hales cu stomer supp ort.
Datacryptor Ethernet User Manual Appendix G: Troubleshooting 1270A450-005 - June 2 008 Page 101 Cannot establish a link Check physical conne ctivity to ensure proper signal path. If using a 1 Gig or 10 Gig E thernet Datacryp tor, verify that compat ible SFPs and fiber t ype is being used for connectivity.
Appendix H: SNMP MIB Support Datacryptor Ethernet User Manual Page 102 THALES Appendix H: SNMP MIB Support In order to support organizations who utilize SN MP to monitor net work devices and stat us, .
Datacryptor Ethernet User Manu al Appendix H: SNMP MIB Support 1270A450-005 - June 2 008 Page 103 MIB Name Description DC2K-MIB-RFC1213 RFC 1213 defines the Manage ment Information Base (MIB-II) for use with netw ork management protocols in TCP /IP-based internets.
Appendix H: SNMP MIB Support Datacryptor Ethernet User Manual Page 104 THALES MIB Name Description DC2K-MIB-RFC2863 RFC 2863 defines a port io n of the Management Information Base (MIB-II). Specifically, it defines object s for the management of network interfaces.
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 105 Appendix I: Log and SNMP Trap Numbers The follow ing table lists the log m essages tha t may be viewed in the Datacry ptor log and th e corresponding SNMP trap messages that may be gen erated.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 106 THALES Log Trap E rrors Hardware Log Type Code Trap No. Severity Message Information Error (Ha rdw are ) 1 120 Critical Random no.
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 107 Log Type Code Trap No. Severity Message Information Error (Ha rdw are ) 14 122 Major Alarm condition: movement alarm activated Unit recov ered from alarm and not ed move ment alarm had be en activated: it will be necessar y to reboot the unit.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 108 THALES Log Type Code Trap No. Severity Message Information Error (Ha rdw are cleared) 5 121 Minor Decrypt Clock Now in .
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 109 Log Type Code Trap No. Severi ty Message Information Error (S of tw ar e ) 9 153 Warning Corr.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 110 THALES Key E rrors Log Type Code Trap No. Severity Message Information Key 0 200 Warning No response from peer No respo.
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 111 Log Type Code Trap No. Severity Message Information Key 11 211 Minor DEK exchange unsuccessfu.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 112 THALES Log Type Code Trap No. Severity Message Information Key 23 223 Minor Certificate exchange unsuccessful Unexp ect.
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 113 Log Type Code Trap No. Severity Message Information Key 32 232 Minor Certificate exchange uns.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 114 THALES Log Type Code Trap No. Severity Message Information Key 52 246 Major Faile d to set line mode Conditions are not.
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 115 Log Type Code Trap No. Severity Message Information Key 904 895 Informational Key Material er.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 116 THALES Log Type Code Trap No. Severity Message Information Key 1012 512 Warning Peer reported DEK exchange unsuccessful.
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 117 Log Type Code Trap No. Severity Message Information Key 1024 524 Warning Peer reported Certif.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 118 THALES Log Type Code Trap No. Severity Message Information Key 1042 542 Warning Peer reported commissioning unsuccessfu.
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 119 Log Type Code Trap No. Severity Message Information Key 1063 563 Minor Peer reported DEK exch.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 120 THALES Log Type Code Trap No. Severity Message Information Key 2018 618 Minor No Encrypt channel is available The ma ximum number of encrypt slots has be en reached.
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 121 Log Type Code Trap No. Severity Message Information Key 2044 644 Minor SA set to Trunk by Pee.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 122 THALES Log Type Code Trap No. Severity Message Information Key 2064 875 Minor Peer Failed to Add SA, Auto- Notify is Di.
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 123 Audit E rrors Log Type Code Trap No. Severity Message Information Audit 1 701 Informational S.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 124 THALES Log Type Code Trap No. Severity Message Information Audit 19 719 Informational Encrypt mode configured Audit 20 .
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 125 Log Type Code Trap No. Severity Message Information Audit 46 733 Major Keylock moved to Trans.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 126 THALES Log Type Code Trap No. Severity Message Information Audit 75 762 Critical Primary mode reboot: KAT test failu re The en cryp tion al gori thm faile d a "Known Answer Test " (KAT) a nd has caus ed th e unit to reboo t to at tem pt to r eco ver.
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 127 Log Type Code Trap No. Severity Message Information Audit 84 771 Major Primary: Response ba c.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 128 THALES Log Type Code Trap No. Severity Message Information Audit 97 784 Informational SNMP configuration updated Audit 98 785 Major Random No. Generator DISCONNECTED Random number gener ator has st opped - possible hard ware error Audit 99 786 Major Random No.
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 129 Log Type Code Trap No. Severity Message Information Audit 123 808 Informational RIP-2 authent.
Appendix I: Log a nd SNMP Trap Numbers Datacryptor Ethernet User Manual Page 130 THALES Log Type Code Trap No. Severity Message Information Audit 153 868 Information al ToS byte passthrough in tunnel .
Datacryptor Ethernet User Manual Appendix I: Log a nd SNMP Trap Numbers 1270A450-005 - June 2 008 Page 131 Log Type Code Trap No. Severity Message Information Audit 914 905 Critical Hardware Monitor report s alarm This can be due to fan, heat, or power failur e.
Appen dix J: Gloss ary of T erms Datac rypto r Ethern et Use r Manu al Page 132 THALES Appendix J: Glossary of Terms Advanced Encryption Standard (AES) A symmetric algori thm (same key for encry ption and decryption) using block encryption of 128 bits in size, supporting key sizes of 128, 192 and 256 bits.
Datacryptor Ethernet User Manual Appendix J: Glossa ry of Terms 1270A450-005 - June 2 008 Page 133 Ele ment Man ager (EM) Applicat ion used to manage Datacryptor Et hernet devices a nd is used to la unch the Front Panel Vie wer (FPV) a pplication. Encr ypted data Transfor med plaintext data t o ciphertext.
Appen dix J: Gloss ary of T erms Datac rypto r Ethern et Use r Manu al Page 134 THALES Public Key Cryptogr aphy In public key cryptograph y different key s are used for encrypti on and decryption. The public key is p ublic, but the pr ivate key is known only to its o wner.
An important point after buying a device Thales DATACRYPTOR 1270A450-005 (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought Thales DATACRYPTOR 1270A450-005 yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data Thales DATACRYPTOR 1270A450-005 - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, Thales DATACRYPTOR 1270A450-005 you will learn all the available features of the product, as well as information on its operation. The information that you get Thales DATACRYPTOR 1270A450-005 will certainly help you make a decision on the purchase.
If you already are a holder of Thales DATACRYPTOR 1270A450-005, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime Thales DATACRYPTOR 1270A450-005.
However, one of the most important roles played by the user manual is to help in solving problems with Thales DATACRYPTOR 1270A450-005. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device Thales DATACRYPTOR 1270A450-005 along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center