CLASSIFIED INFORMATION PROTECTION

As part of the activity supporting the protection of classified information according to the Act of 5 August 2010 on the Protection of Classified Information, we create devices, systems and solutions with various confidentiality clauses. Moreover, we specialise in counselling, trainings and assistance in the processes of appointing and creating divisions of classified information protection in the companies.

CLASSIFIED SYSTEMS “CONFIDENTIAL” CLAUSE

CompCrypt ETA-MIL 10P

IP encryption devices
Client devices for the encryption of information in the IP networks and the creation of separated Virtual Private Networks (VPN). It allows to add single workstations or IP secure communication systems based on the complex solution CompCrypt ETA-MIL. Devices may be used both in military and civil systems.
Encryption devices are made in three versions:

  • ETA-MIL 10P – to be built in computer devices and servers,
  • Free-standing ETA-MIL 10P EX,
  • Special version: ETA-MIL 10P N7 meeting the requirements of the Defence Standard – NO-06-A103.

Device properties:

  • Certificate for the protection of information with the following clauses: CONFIDENTIAL, NATO CONFIDENTIAL and CONFIDENTIEL EU,
  • The tempest housing meeting the requirements of the SDIP-27 A standard,
  • Authentication of users based on PKI and microchip cards,
  • Advanced network functions: static routing, dynamic routing, translation of IP addresses (NAT Traversal), built-in firewall, Quality of Service (QoS), High Availability,
  • AES public encryption algorithm,
  • Automatic encryption of sessions without participation of a user,
  • Anti-penetration security of a device according to FIPS 140-3,
  • Possibility to configure many redundant management and audit networks,
  • VPN tunnels – 100,
  • Total speed – up to 20 Mbit/s,
  • Capacity up to 30000 pps.

Technical parameters

  • Communication interfaces: 2 x Ethernet 10/100 Base-T
  • Management interfaces: 2 x RS-232
  • Supply: external, stabilised +12 V,
  • Sizes (width, height, depth): 150 x 41.5 x 197 mm
  • Weight: 1.5 kg
  • Communication interfaces: – 2 x Ethernet 100 Base-FX, ST connection,
  • MMF light pipe 50/125, 62.5/125 mm
  • Management interfaces: 2 x RS-232
  • Supply: external switch mode power supply
  • Sizes (width, height, depth): 167.5 x 93.5 x 253 mm
  • Weight: 3.25 kg
  • Consistent with the environmental requirements of the NO-06-A103 standard for devices within group N7,
  • Strength at a temperature between -40°C and +60°C,
  • Range of permissible operating temperatures between -30°C and +50°C,
  • Sizes (width, height, depth): 482.5 x 88 x 300 mm,
  • Weight: approx. 15 kg.
CompCrypt DELTA 1

HSM device
CompCrypt Delta 1 is a device intended for the safe storage and use of the private key of the Certification Office in the PKI infrastructure. A device is intended to be used in extensive IT networks with a hierarchically complex and territorially dispersed structure. A device increases the effectiveness and safety of information exchange in classified networks, for example in government administration systems, bank and telecommunications systems.

A device has a valid certificate for the processing of classified information with the “confidential” clause until 30 August 2018.

CompCrypt ETA-VPN 100P

IP encryption device
CompCrypt ETA-VPN 100P makes it possible to create safe separated Virtual Private Networks (VPN). The CompCrypt ETA VPN 100P hardware encryption device ensures safe communication between workstations, systems or local networks (LAN). This solution is mainly designed for government administration units that process and send information between their locations according to the Act on the Protection of Classified Information.

A device has a valid certificate for the processing of classified information with the “confidential” clause until 30 November 2019.

CLASSIFIED SYSTEMS “RESTRICTED” CLAUSE

CompCrypt ETA-MIL 10Z

Encryption devices
CompCrypt ETA-MIL 10Z is an encryption device intended for the encryption of information in the IP networks by creating safe VPN tunnels between safety zones or separated workstations. A device has a mechanisms of automatic switching depending on the connection capacity. Encryption devices may operate in two various modes: by establishing secure connection between themselves or by establishing interconnections with devices of other producers.
Encryption devices are made in three versions:

  • ETA-MIL 10Z – to be built in computer devices and servers
  • ETA-MIL 10Z EX – free-standing
  • ETA-MIL 10Z N7 – special version meeting the requirements of the Defence Standard – NO-06-A103.

Device properties:

  • Certificate of the protection of classified information with the clause RESTRICTED, NATO RESTRICTED, RESTREINT UE/EU RESTRICTED,
  • Safe negotiation of keys with the use of elliptical curves (ECDH algorithm),
  • Advanced network functions: dynamic routing, QoS, Load Balancing, NAT traversal, High Availability,
  • AES public encryption algorithm,
  • Automatic encryption of sessions without participation of a user,
  • Authentication of users based on PKI infrastructure and microchip cards,
  • Establishing a session according to RFC 2409, RFC 3947,
  • Encryption of packages according to RFC 4303,
  • Possibility to compile a VPN tunnel with Cisco ASA and Juniper devices,
  • Work in the rsa-sig or pre-shared key mode,
  • Dedicated software for building the HA/LB cluster,
  • VPN tunnels – up to 250,
  • Total speed – up to 50 Mbit/s,
  • Capacity up to 20k pps.

Technical parameters

  • Consistency with the environmental requirements of the NO-06-A103 standard for devices within group N7,
  • Strength at a temperature between -40°C and +60°C,
  • Range of permissible work temperatures between -30°C and +50°C,
  • Sizes (width, height, depth): 482.5 x 88 x 300 mm,
  • Weight: approx. 15 kg.
  • Communication interfaces: 2 x Ethernet 10/100 Base-T
  • Management interfaces: 2 x RS-232
  • Supply: external, stabilised +12 V,
  • Sizes (width, height, depth): 150 x 41.5 x 197 mm
  • Weight: 1.5 kg
  • Communication interfaces: – 2 x Ethernet 100 Base-FX, ST connection,
  • MMF light pipe 50/125, 62.5/125 mm
  • Management interfaces: 2 x RS-232
  • Supply: external switch mode power supply
  • Sizes (width, height, depth): 167.5 x 93.5 x 253 mm
  • Weight: 3.25 kg
CompCrypt ETA-MIL 100Z

An encryption device with high capacity – CompCrypt ETA-MIL 100 Z – has been added to the group of devices encrypting information in the IP networks. This solution with full external infrastructure – HSM devices, management and audit software – creates a cryptographic and complete safety platform.
Encryption devices may be used in central system nodes and backbone networks (up to 10Gbit/s) requiring high capacity. Devices allow to connect networks offering the most sensitive services such as:

  • video transmissions,
  • voice transmissions,
  • replication between Data Centres.

A device may be used both in military and civil systems. The structure of an encryption device allows to adapt the transmission medium to the requirements of a recipient FC 10 Gbit/Etchernet 1/Gbit.

Technical parameters:

  • VPN tunnels: 500.
  • Capacity up to 6 Gbit/s, up to 3M pps.
  • Keyboard built in the front panel.

Encryption devices may operate in two various modes:

    • by establishing secure connection between themselves in the so-called national systems,
    • by establishing interconnections with devices of other producers, in particular with the CISCO ASA and Juniper solutions, due to operation consistent with standards (RFC 2409, RFC 3947, RFC 4303).
        A device undergoes a process of certification for the protection of classified information with the following clauses: Restricted, NATO Restricted and EU Restricted.

Device properties:

  • Safe negotiation of keys with the use of elliptical curves (ECDH algorithm).
  • Advanced network functions: dynamic routing OSPFv2, High Availability, 802.1Q VLAN Trunk.
  • AES-256 bit public encryption algorithm.
  • Automatic encryption of sessions without participation of a user.
  • Authentication of users based on PKI infrastructure™, optionally RSA-2048 or ECP-521).
  • Establishing a session according to RFC 2409.
  • Encryption of packages according to RFC 4303.
  • Possibility to compile a VPN tunnel with the Cisco ASA and Juniper devices.
  • Authentication of IPsec tunnels based on PKI (RSA/ECC) or PSK (Pre-shared Keys).
  • Minimum delay introduced by encryption devices: up to 0.05 ms.
Bezpieczna Poczta Niejawna

System Bezpiecznej Poczty oferowany przez Enigmę , bazujący na certyfikowanych rozwiązaniach KryptoMail 3.1 i PEM-HEART 3.015, zapewnia ochronę poufności i autentyczności informacji przesyłanych w systemie poczty elektronicznej. Dzięki zastosowanym rozwiązaniom wyłącznie nadawca i wskazani odbiorcy mogą odczytać treść wiadomości. System działa zarówno w komputerach stacjonarnych, jak i urządzeniach mobilnych (w tym smartfonach) i może być wdrożony w organizacji każdej wielkości.

Korzyści:

  • potwierdzenie autentyczności nadawcy i odbiorcy w korespondencji elektronicznej,
  • szybki i bezpieczny sposób przekazywania ważnych informacji,
  • zabezpieczenie przed nieautoryzowanym odczytem i wykorzystaniem,
  • ochrona przed atakami elektronicznymi i spamem.

Oprogramowanie posiada ważny certyfikat do przetwarzania informacji niejawnych o klauzuli „zastrzeżone” do 30.06.2020 r.

DEDICATED SYSTEMS

Based on the experience gained over twenty-five years of activity and the knowledge of engineering and design personnel resulting from the implementation of hundreds of IT systems, Enigma develops, from the beginning of its activity, a functional and technical design, and prepares solutions meeting customer’s needs.
The Data Retention System developed for one of telecommunications operators is an example of a system processing classified information with the restricted clause. This system is designed for the retention of billing data used to store and search data on phone calls made. A custom solution (CentaurOne), integrated with the safety solutions and PKI, has been prepared in the system for the third-party technologies. The system has acquired the accreditation of the national security services.

Benefits:

  • standardisation of the method of access to the operator’s systems,
  • improvement of work of the operator’s safety department.

DESIGN AND COUNSELLING SERVICES

IN THE SCOPE OF SAFETY

A significant area of the company’s activity is widely understood counselling, consultations as well as technical and design support in the scope of safety. Enigma possesses many certificates, concessions and permissions of the specialised government agencies and institutions which confirm the fulfilment of the most restrictive requirements in the scope of safety in the civil and military field.

Scope of services:

  • counselling and assistance in the preparation of safety documentation,
  • counselling and assistance in carrying out the process of risk assessment for the safety of classified information processed in ICT systems,
  • consultations and technical support in the preparation of rooms for autonomous computer workstations for the processing of classified information and the optimisation of costs of undertakings,
  • consultations and counselling in the scope of the selection of devices and their installation meeting the requirements of the national security services,
  • counselling in the scope of physical and technical protection of rooms for systems and ICT networks, as well as the optimisation of costs of the applied protection measures,
  • consultations and counselling in the scope of the proper selection, purchase and installation of devices intended for the processing of classified information in accordance with the recommendations of the national security services,
  • preparation of a company for the ICT system safety audit.
Napisz do nas

Napisz do nas już teraz. Odpowiemy najszybciej, jak tylko będzie to możliwe.

Start typing and press Enter to search