10/100BaseT Connectivity for High Speed Ethernet Networks
The Ravlin 7100 secure Virtual Private Networking (VPN) solution represents a new architecture that is a step up in throughput and extensibility. The Ravlin 7100 offers faster encryption and decryption speed, with the addition of Fast Ethernet connectivity. All Ethernet ports are 10/100BaseT auto-sensing ports. The Ravlin 7100 is also more scalable, allowing for higher number of concurrent users. As a hardware based VPN solution, the Ravlin 7100 offers superior performance, security and is software application independent.
The Ravlin 7100 products are targeted towards larger corporations that require Fast Ethernet speed, connectivity and support for a large amount of site-to-site and remote access connection. Network administrators use the 7100 to establish private communications within secure Intranets (between corporate divisions, workgroups, and branch offices) or within secure Extranets (between customers, suppliers, and strategic partners.) Organizations can establish security over private or public IP networks quickly and easily.
Acting as a gateway, the Ravlin 7100 also supports RavlinSoft clients running on Windows 98 and Windows NT 4.0 systems, allowing remote communications over public and private networks. Strong RADIUS user authentication for remote client software is a standard feature of the Ravlin 7100. Ravlin RADIUS Authentication provides interoperability with user authentication hardware tokens that have standard RADIUS interfaces.
The Ravlin 7100 supports the strongest suite of IPSec network security enforcement features available today, implementing all the mandatory components of the Internet Engineering Task Force (IETF) IP Security Standard (IPSec) standard for enhanced network security. The Ravlin 7100 provides data privacy using industry-standard 56-bit Data Encryption Standard (DES) and 168-bit Triple DES encryption. Authentication and access control are provided using DSS (Digital Signature Standard), Diffie-Hellman key exchange, X.509 v.3 digital certificates, and IKE key management. Using Ravlin Node Manager, the Ravlin 7100 firmware gives the network administrator or security manager a choice of several secure VPN operational modes.
All RedCreek products support the same firmware set and are completely interoperable. There is full compatibility among all Ravlin products with regard to IPSec, management and client interface.
IP Security Standard (IPSec)
IPSec is the most secure and comprehensive standard available today for encryption, authentication, key
management, and anti-replay services. IPSec protocol interoperability lets Ravlin products exchange keys
and encrypted communications with all other IPSec-compliant products, so customers can use different IPSec
vendors for multiple scenarios.
ESP (Encapsulating Security Payload) Tunnel Mode
ESP Tunnel mode provides the highest level of security between gateways. The original IP datagram is
encapsulated in a new IP packet using a new IP address as the source/destination of the packet. ESP Tunnel
mode uses 56-bit DES or 168-bit Triple DES encryption.
ESP (Encapsulating Security Payload) Transport Mode
In ESP Transport mode, only the payload of the original IP datagram is encrypted. Like ESP Tunnel mode,
ESP Transport mode uses 56-bit DES or 168-bit Triple DES. Ravlin 7100 units also support Authentication
Header (AH) Transport mode and Authentication Header (AH) Tunnel mode, which use strong authentication and
anti-replay to secure IP datagrams without encrypting the data payload. ESP Transport mode uses hashing to
ensure that the data stream is not modified.
Encrypt-In-Place (EIP) Mode
In EIP mode, only the payloads of IP datagrams are encrypted. Like ESP mode, EIP mode uses 56-bit DES or
168-bit Triple DES. EIP mode is a RedCreek proprietary secure VPN technology. Although EIP mode is not
part of the IPSec standard, it combines high speed with all levels of encryption.
Anti-Replay Service and use of unique X.509 v.3 Certificates
Ravlin 7100 uses IPSec anti-replay services to ensure that rogue packets cannot be inserted into a Ravlin
protected data stream. With anti-replay service, each IP datagram passing within the secure association is
tagged with a sequence number. On the receiving end, the datagram is blocked if its sequence number does
not fall within a pre-specified range of sequence numbers.
Ravlin RADIUS Authentication
Ravlin RADIUS Authentication is a feature for the Ravlin 5100 that lets customers use RADIUS servers for
authentication.
Ease of implementation and Administration
Integrates easily into existing networks through 10/100BaseT inputs and outputs
Secure download of product upgrades
Easy device management through industry-standard SNMP MIB II
Standard-Based Security and Management
Complies with the security standards developed by the Internet Engineering Task Force (IETF) IP Security (IPSec) Working Group
Ensures information privacy using full 56-bit DES (Data Encryption Standard) and 168-bit Triple DES
Provides access control through the use of International Standards Organization (ISO) X.509 v.3 digital certificates
Verifies the sender's identity with Digital Signature Standard (DSS) and Secure HMAC-MD5 and HMAC-SHA-1 Hash Algorithm (SHA) protocols
Establishes and maintains secure communications using the Internet Key Exchange (IKE)
Provides enhanced confidentiality to IP datagrams through the IP Encapsulating Security Payload (IPESP) Tunneling Mode protocol
Uses industry-standard SNMP MIB II for device management
Provides support for the following protocols:
Transmission Control Protocol/Internet Protocol (TCP/IP), User Datagram Protocol (UDP), Dynamic Host Configuration Protocol (DHCP), Internet Control Message Protocol (ICMP) Pin, Address Resolution Protocol (ARP), Simple Network Management Protocol (SNMP)
RADIUS Authentication
Interoperability
ISAKMP/Oakley for key management
IP Encapsulating Security Payload (IPSec IPESP) Tunneling for interoperability with firewalls
Standard 10/100 BaseT inputs and outputs to drop into any fast Ethernet network
Operates at ISO Network layer 3, making it application independent
Low Cost of Ownership
Preserves investments in existing network hardware and software, by dropping transparently into the network without requiring modification to the existing network infrastructure
Delivers best price and performance for network security products
Allows significant network cost savings by ensuring secure communications and data privacy over public networks like the Internet
Customer Support
RedCreek Communications, Inc. believes that our customers deserve lasting value and continuous
satisfaction with RedCreek products. Because of this belief, RedCreek, in participation with its VARs,
offers innovative support programs to assist with installation and configuration of Ravlin products.
Please reference our Customer Support site.
Throughput Up to 45 Mbit DES, 22.5 Mbit Triple DES encryption
Dimensions 1.75” H x 11” D x 8.75” W, 4.45 cm H x 27.94 cm D x 21.59 cm W (Two Ravlin 7100s fit side by side on a standard IU 19 inch rack shelf.)
Weight 2 lb.3 oz. / 1.0 kg
LAN Interface Two 10/100BaseT
Management Interfaces Front panel, 10/100BaseT
Firmware Upgrades Download to flash via Ravlin Node Manager
Power Requirements DC power—9- to 14-volt power supply at 1 amp. For use in a 110–120 VAC, 60-cycle unconditioned power environment. An international power supply is available.
Safety Certification CE
Tamper Evident Status FIPS 140-1, level 2B
EMI/RFI CISPR EN 55022B
Standards Compliance IPSec compliant
