The RedCreek Ravlin 3200 is a cost-effective network security solution that performs encryption and decryption of the theoretical maximum of Ethernet. Network administrators use it to establish private communications within secure intranets (between corporate divisions, workgroups, branch offices, and individuals) or within secure extranets (between customers, suppliers, and strategic partners.) Its low cost allows organizations to establish security over private or public IP networks quickly and easily.
The Ravlin 3200 is typically installed behind an access router connected to a full-duplex T1/E1 wide-area network (WAN) circuit. It provides data privacy using industry-standard 56-bit DES and 168-bit Triple DES encryption. Authentication and access control with DSS (Digital Signature Standard), Diffie-Hellman key exchange, and IKE key management. These security standards are part of the Internet Engineering Task Force (IETF) IP Security Standard (IPSec).
IP Security Standard (IPSec)
IPSec is the most secure and comprehensive standard available today for encryption, authentication, key
management, and anti-replay services. IPSec protocol interoperability lets Ravlin products exchange keys
and encrypted communications with all other IPSec-compliant products, so customers can mix and match
products from multiple IPSec vendors.
Encapsulating Security Payload (ESP) Tunnel Mode
ESP Tunnel mode provides the highest level of security between gateways. The original IP datagram is
encapsulated in a new IP packet using a new IP address as the source/destination of the packet. ESP Tunnel
mode uses 56-bit DES or 168-bit Triple DES encryption.
Encapsulating Security Payload (ESP) Transport Mode
In ESP Transport mode, only the payload of the original IP datagram is encrypted. Like ESP Tunnel mode,
ESP Transport mode uses 56-bit DES or 168-bit Triple DES. Ravlin 3200 units also support authentication
and anti-replay to secure IP datagrams without encrypting the data payload. ESP Transport mode uses
hashing to ensure that the data stream is not modified. This mode is only for end-to-end communication.
Encrypt-In-Place (EIP) Mode
In EIP mode, only the payloads of IP datagrams are encrypted. Like ESP mode, EIP mode uses 56-bit DES or
168-bit Triple DES. EIP mode is a RedCreek proprietary secure VPN technology. Although EIP mode is not
part of the IPSec standard, it combines high speed with all levels of encryption.
Anti Replay Service and use of unique X.509 v.3 Certificates
Ravlin 3200 uses IPSec anti-replay services to ensure that rogue packets cannot be inserted into a Ravlin
protected data stream. With anti-replay service, each IP datagram passing within the secure association is
tagged with a sequence number. On the receiving end, the datagram is blocked if its sequence number does
not fall within a pre-specified window.
Ravlin RADIUS Authentication
Ravlin RADIUS Authentication is a feature for the Ravlin 5100 that lets customers use RADIUS servers for
authentication.
Ease of Implementation and Administration
Integrates easily into existing networks through 10BaseT inputs and outputs
Secure download of product upgrades
Easy device management through industry-standard SNMP MIB II
Standards-Based Security and management
Complies with the security standards developed by the Internet Engineering Task Force (IETF) IP Security (IPSec) Working Group
Ensures information privacy using full 56-bit DES (Data Encryption Standard) and 168-bit Triple DES
Provides access control through the use of International Standards Organization (ISO) X.509 v.3 digital certificates
Verifies the sender's identity with Digital Signature Standard (DSS) and Secure HMAC-MD5 and HMAC-SHA-1 Hash Algorithm (SHA) protocols
Establishes and maintains secure communications using the Internet Key Exchange (IKE)
Provides enhanced confidentiality to IP datagrams through the IP Encapsulating Security Payload (IPESP) Tunneling Mode protocol
Uses industry-standard SNMP MIB II for device management
Provides support for the following protocols:
Transmission Control Protocol/Internet Protocol (TCP/IP)
User Datagram Protocol (UDP)
Dynamic Host Configuration Protocol (DHCP)
Internet Control Message Protocol (ICMP) Ping
Address Resolution Protocol (ARP)
Simple Network Management Protocol (SNMP)
Radius Authentication
Interoperability
IKE for key management
IP Encapsulating Security Payload (IPSec IPESP) Tunneling for interoperability with firewalls
Standard 10BaseT inputs and outputs to drop into any fast Ethernet network
Operates at ISO Network layer 3, making it application independent
Low Cost of Ownership
Preserves investments in existing network hardware and software, by dropping transparently into the network without requiring modification to the existing network infrastructure
Delivers best price and performance for network security products
Allows significant network cost savings by ensuring secure communications and data privacy over public networks like the Internet
Customer Support
RedCreek Communications, Inc. believes that our customers deserve lasting value and continuous
satisfaction with RedCreek products. Because of this belief, RedCreek, in participation with its VARs,
offers innovative support programs to assist with installation and configuration of Ravlin products.
Please reference our Customer Support site.
Throughput Wireline with Triple DES or DES encryption
Dimensions 1” H x 6” D x 4” W, 2.54 cm H x 15.24 cm D x 10.16 cm W
Weight 5.9 oz. / 0.2 kg
LAN Interface Two 10BaseT ports per device
Management Interfaces 10BaseT Ethernet (in-band)
Firmware Upgrades Download to flash via Ravlin Node Manager
Power Requirements DC power—9- to 14-volt power supply at 1/2 amp. For use in a 110–120 VAC, 60-cycle unconditioned power environment. An international power supply is available.
Safety Certification CE
EMI/RFI CISPR EN 55022B
