Encrypted Ethernet Tunnel, FT-6601, FT-6602, FIPS 140-2, VPN hardware

Encrypted Ethernet Tunnel Utilizing FIPS Certified Encryption Module

FT Family Encrypted Ethernet Tunnel

Utilizes FIPS certified encryption module
The FT-6602 creates encrypted tunnels
Industrial temperature -20º to +70º C
AC and DC power supply options
10/100BaseT ethernet ports
Each port is independent
Easy to setup and maintain
Server unit supports up to 25 client FTs
Operates as server, client, or client & server
Extensive statistics, logging and diagnostics
Tunnels at Layer 2, including multicast
Ethernet to ethernet
Bridge/Tunnel supports 4,096 MAC addresses
Remote PCs appear to be on the local network
Bridges 802.1Q tagged V-LAN trunks
Extensive filtering on MAC, IP, and Protocols

FT-6602 Front View

FT-6602 Rear View

Features
Description
Specifications
How To Order
General
Protocol Features
Indicators
Physical/Electrical
Application Notes and Manual

Common Applications

VLAN – Ideal for tunneling multiple VLAN segments through an external IP network
Tunneling multicast voice and video through public and/or private networks
Serving remote offices over tunneled networks to ease network administration, provide remote file and printer access
Utilities – Gas and oil production, pipelines, electric generation, transmission and distribution
Retail – Stores, kiosks, credit card machines --- especially those using wireless links
Law Enforcement – Small remote offices
Medical – AES encryption of the FT-6600 meets HIPAA requirement for securing data over open networks such as the Internet. The medical industry is mandated by HIPAA to meet HIPAA privacy and security requirements over open networks.
Real Estate – Connecting to and updating the database of listed homes.
Field sales personnel working out of the home, hotel rooms wired for high speed Internet access.
Financial industry – Additional security on internal corporate links, branch offices, ATM machines, key personnel remote secure access.
Remote office with more than one device, with the ET-6600 shared with switch or hub.
Added security within a large corporate network
Office to Home
2 nets at each end, bridged via the Internet
Remote network monitoring via the Internet

DESCRIPTION

The FT-6602 creates an encrypted tunnel through IP networks. It features three Ethernet LAN ports and a serial port for initial setup.

The FT-6602 encrypts data between private networks using the public Internet or any other network as the transport. The FT-6602 can be a server, a client or a client & server device. As a server, the FT-6602 supports up to 25 simultaneous clients.

The FT series uses a FIPS certified encryption module. AES is used for the bulk data encryption. The FT-6602 uses SHA1 for signing and RSA 2048 for key exchange and authentication. A USB memory device is used for certificate information storage.

The FT-6602 trusted encryption port is ethernet 10/100BaseT. The serial port can be used for initial IP setup. The FT-6602 is typically setup and managed using a browser. The server has a fixed IP address. Clients can use DHCP or have fixed IP addresses.

The FT-6602 series operates through firewalls with only one port of your choice opened. It bridges all ethernet protocols including IPX, IP, NetBEUI, and other proprietary protocols. The FT-6602 is straight-forward, easy to configure and maintain. The FT-6602 has state-of-the-art AES encryption security without the configuration complexity of VPN. It will encrypt and tunnel many devices without the need for individual client software on each device.

For encryption of serial RS-232 links not involving ethernet or IP, see our SE-6600 product line. For encryption of ethernet or IP links using non FIPS certified modules and other features, see our ET series or UT series products.

Due to the encryption employed in these products, FT and ET series products are export controlled items and are regulated by the Bureau of Industry and Security (BIS) of the U.S. Department of Commerce. Some models of the ET and FT series are classified as mass market encryption devices and may not be exported or shipped for re-export to restricted countries in Country Group E:1. They are shippable to most other countries.

SPECIFICATIONS

General

One asynchronous DE-9P RS-232 serial port for setup
Three ethernet ports, 10/100 BaseT
USB Port for certificate information storage
Sustained throughput of 6 Mbps
Supports up to 25 ST client devices
Bridge/tunnel supports 4,096 MAC address table entries
The FT-6602 uses an embedded FIPS 140-2-validated cryptographic module (Certificate #918) running on a Linux x86 platform per FIPS 140-2 Implementation Guidance section G.5 guidelines

Protocol Features

TLS ver 1.0, AES 256 bit encryption
IE-7 or Firefox Web browser configuration and management from local trusted interface
Robust failover features
Default IP address: 192.168.0.1
Initial setup via local serial terminal
Supports 802.1Q VLAN
Extensive filtering on MAC, IP, and Protocol
Tunnels multicast packets (Layer 2 tunneling)
The FT-6602 uses an embedded FIPS 140-2 validated cyprtographic module (Certificate #918) running an a Linux x86 platform per FIPS 140-2 Implementation Guidance section G.5 guidelines.

Performance:

Sustained greater than 6 Mbps

Indicators

Front - Power, port activity, CF Disk
Rear – LAN connection, LAN activity

Physical/Electrical

Power requirements: 12 VDC, 6 watts
Wide range 12, 24, 48, and 125 VDC options are available
Supplied with 120-240 VAC external power supply
8 ¼” x 6” x 1.3”
Shipping weight five pound

Environmental

Operational Temperature: -20 to +70 C
Storage Temperature: -50 to +85 C
Humidity: Non-condensing
Power Supply Options may affect temperature specifications

APPLICATIONS

How it works

The FT family products create an encrypted tunnel which passes Ethernet packets between two trusted LAN segments. All ethernet protocols are bridged between the FT units. The FT only operates in conjunction with other FT units. One unit is required for each location. Multiple client units may be connected to the same host unit, and a client may be connected to multiple host units (daisy-chained operation). A host unit may be configured to block client-unit to client-unit connections, or to allow them. All FT series units are compatible.

Download a copy of the manual.

This is a quick-start guide and "cookbook" configuration guide.

Download a copy of the quick-start guide.

The FT series is the FIPS 140-2 encryption module version of our ET series encrypted tunnels. While these applications notes reference the ET series products, the FT series operation and capabilityes are similar.


ET Encrypted Bridge Quick-Start Installation Guide
A cookbook style quick start guide to installing the ET Encrypted Bridges. Illustrates common usage examples with fill-in-the-blank instructions.
ET-3300/6600 Encrypted Bridge Applications
Some ways the ET products are being used to tunnel IP traffic in the real world.

Using the ET-6601 Encrypted Bridge with EVDO & Wifi
Discusses using the ET-6601 with high speed cellular modems and 802.11 Wifi wide area connections.

ET Encrypted Bridge Installation Option
An application note describing an appliance-like installation that allows the ET to be located anywhere on the local LAN. Known around DCB as the "Single-Port Installation".
Using the ET Encrypted Bridges with 801.Q VLANs
Discusses configuring the ET products to handle 801.Q VLAN traffic. The ET supports 801.Q VLAN tagged packets, and allows a VLAN to span multiple IP networks.

Using the UT Encrypted Bridges and UT-SOFT with IP Multicast.
Discusses applying the UT products to transport VOIP multicast via non-multicast wide area networks. Examples showing IP voice dispatch radios for public service agencies. The UT supports multi-cast IP over normal uni-cast networks and allows a private multi-cast network to span multiple IP networks. The UT-SOFT software client allows any PC to be a securely connected node on a remote network

Using the ET Encrypted Bridges with IP Multicast.
Discusses applying the ET products to transport VOIP multicast via non-multicast wide area networks. Examples showing IP voice dispatch radios for public service agencies. The ET supports multi-cast IP over normal uni-cast networks and allows a private multi-cast network to span multiple IP networks.

Automating Dial-Up Router and Bridge PPP Connections
An application note that details one common method of automating the use of IP-6600 routers and ET-6600 bridges to dial multiple remote locations on a scheduled or automated basis.

Applications Drawing

Item Number	Description	Price	Buy Now!
Questions? Phone us toll free at 800-432-2638 Due to the nature of this product, we prefer that you phone us and discuss your application prior to ordering this product.
FT-6602	Encrypted Ethernet Tunnel Appliance with Three Ethernet Ports	$ 1,495	Qty:
FT6602-12VDC	9-18 VDC external power supply option	$ 75	Qty:
FT6602-24VDC	18-36 VDC input external power supply option	$ 75	Qty:
FT6602-48VDC	36-72 VDC external power supply option	$ 75	Qty:
FT6602-125VDC	125 VDC external power supply option	$ 125	Qty:



Data Comm for Business Inc. 2949 County Road 1000 E Dewey, Il 61840	Voice: 217-897-6600 Toll Free: 800-4-DCB-NET Toll Free: 800-432-2638	Email: Contact Page Web: www.dcbnet.com Fax: 217-897-1331	Shopping cart is
All DCB web pages copyright ©1995--2010 Data Comm for Business, All rights reserved. EtherPath®, EtherSeries®, EtherPoll®, EtherBridge® and EtherModem® are Registered Trademarks of Data Comm for Business, Inc.

Encrypted Ethernet Tunnel Utilizing FIPS Certified Encryption Module

Common Applications

How it works

Questions? Phone us toll free at 800-432-2638

Due to the nature of this product, we prefer that you phone us and discuss your application prior to ordering this product.

Due to the nature of this product,
we prefer that you phone us and discuss your application prior to ordering this product.