The RedCreek Ravlin 10/5100 is a cost-effective network security solution that performs encryption and decryption with a throughput of the theoretical maximum of Ethernet (or "wire" speed). Network administrators use it to establish private communications within secure intranets (between corporate divisions, workgroups, branch offices, and individuals) or within secure extranets (between customers, suppliers, and strategic partners.) Its low cost allows organizations to establish security over private or public IP networks quickly and easily.
The Ravlin10/5100 provides data privacy using industry-standard 56-bit DES and 168-bit Triple DES encryption. Authentication and access control are provided using DSS (Digital Signature Standard), Diffie-Hellman key exchange, X.509 v.3 digital certificates, and ISAKMP/Oakley key management. These security standards are part of the Internet Engineering Task Force (IETF) IP Security Standard (IPSec). The Ravlin10/5100 maintains the theoretical maximum of Ethernet (or "wire" speed) through the use of RedCreek CryptoCore™ technology.
The Ravlin10/5100 supports RavlinSoft Clients running on Windows 95/98 and Windows NT 4.0 systems, allowing remote communications over public and private networks. The Ravlin 10 supports Strong RADIUS user authentication for standard remote software. Ravlin RADIUS Authentication provides interoperability with user authentication hardware tokens that have standard RADIUS interfaces.
The Ravlin10/5100 firmware has all mandatory components of the Internet Engineering Task Force (IETF) IP Security Standard (IPSec) for enhanced network security.
IP Security Standard (IPSec)
IPSec is the most secure and comprehensive standard available today for encryption, authentication, key
management, and anti-replay services.
IPSec protocol interoperability lets Ravlin products exchange keys and encrypted communications with all other IPSec-compliant products, so customers can use different IPSec vendors for multiple scenarios. RedCreek can provide a list of IPSec interoperability partners upon request.
The Ravlin10/5100 firmware supports the strongest suite of IPSec network security enforcement features available today. Using Ravlin Node Manager, the Ravlin10/5100 firmware gives the network administrator or security manager a choice of several secure VPN operational modes.
ESP (Encapsulating Security Payload) Tunnel Mode
ESP Tunnel mode provides the highest level of security between gateways. The original IP datagram is
encapsulated in a new IP packet using a new IP address as the source/destination of the packet. ESP Tunnel
mode uses 40-bit/56-bit DES or 168-bit Triple DES encryption.
ESP (Encapsulating Security Payload) Transport Mode
In ESP Transport mode, only the payload of the original IP datagram is encrypted. Like ESP Tunnel mode,
ESP Transport mode uses 56-bit DES or 168-bit Triple DES. Ravlin10/5100 units also support Authentication
Header (AH) Transport mode and Authentication Header (AH) Tunnel mode, which use strong authentication and
anti-replay to secure IP datagrams without encrypting the data payload. ESP Transport mode uses hashing
methods to ensure that the data stream is not modified.
Encrypt-in-Place (EIP) Mode
In EIP mode, only the payloads of IP datagrams are encrypted. Like ESP mode, EIP mode can use 56-bit DES
or 168-bit Triple DES. EIP mode is a RedCreek proprietary secure VPN technology. Although EIP mode is not
part of the IPSec standard, it combines high speed with all levels of encryption.
Anti-Replay Service and Use of Unique X.509 v.3 Certificates
Ravlin10/5100 uses IPSec anti-replay services to ensure that rogue packets cannot be inserted into a
Ravlin-protected data stream. With anti-replay service, each IP datagram passing within the secure
association is tagged with a sequence number. On the receiving end, the datagram is blocked if its
sequence number does not fall within a pre-specified range of sequence numbers.
Fast Encryption: Wireline Performance without Network Degradation
Third-party tested and validated at encryption/decryption speeds of 100% of media throughput for all
packet sizes.
Ease of Implementation and Administration
Integrates easily into existing networks through 10BaseT inputs and outputs.
Secure download of product upgrades to Ravlin10/5100 flash memory.
Easy device management through industry-standard SNMP MIB II.
Automatically configures to operate in an IP network through Dynamic Host Configuration Protocol (DHCP).
Standards-Based Security/Management
Complies with the security standards being developed by the Internet Engineering Task Force (IETF) IP Security (IPSec) Working Group.
Ensures information privacy using full 56-bit DES (Data Encryption Standard) and 168-bit Triple DES.
Provides access control through the use of International Standards Organization (ISO) X.509 v.3 digital certificates.
Verifies the sender’s identity with Digital Signature Standard (DSS) and Secure HMAC-MD5 and HMAC-SHA-1 Hash Algorithm (SHA) protocols.
Establishes and maintains secure communications using the Internet Security Association and Key Management Protocol (ISAKMP) v.9/Oakley.
Provides enhanced confidentiality to IP datagrams through the IP Encapsulating Security Payload (IPESP) Tunneling Mode protocol.
Uses industry-standard SNMP MIB II for device management.
Provides support for the following protocols:
Transmission Control Protocol/Internet Protocol (TCP/IP)
User Datagram Protocol (UDP)
Dynamic Host Configuration Protocol (DHCP)
Internet Control Message Protocol (ICMP) Ping
Address Resolution Protocol (ARP)
Simple Network Management Protocol (SNMP)
RADIUS support
Interoperability
ISAKMP/Oakley for key management
Encapsulated Tunneling (IPSec IPESP) for interoperability with firewalls
Standard 10BaseT inputs and outputs to drop into any Ethernet network
Operates at ISO Network layer 3, making it application independent
Low Cost of Ownership
Preserves investments in existing network hardware and software by dropping transparently into the network without requiring modification to the existing network infrastructure.
Delivers best price and performance for network security products.
Allows significant network cost savings by ensuring secure communications and data privacy over public networks like the Internet.
Customer Support/Service
RedCreek Communications, Inc. believes that customer advocacy and support are critical to our success.
Because of this belief, we offer innovative support programs to assist with installation and configuration
of Ravlin products. Traditional technical assistance and support are provided by RedCreek's Customer
Support Center. Please reference our Customer Support link.
Throughput The theoretical maximum of Ethernet (or "wire" speed)
Dimensions 1.75” H x 11” D x 8.75” W, 4.45 cm H x 27.94 cm D x 21.59 cm W (Two Ravlin10/5100s fit side by side on a standard IU 19-inch rack shelf.)
Weight 2 lb. 3 oz. / 1.0 kg
LAN Interface Two 10BaseT or RS-232 AUI Ethernet ports per device
Management Interfaces Front panel, 10BaseT Ethernet, RS-232
Firmware Upgrades Download to flash via Ravlin Node Manager
Power Requirements DC power—9- to 14-volt power supply at 1 amp. For use in a 110-120 VAC, 60-cycle unconditioned power environment. An international power supply is available.
Options Remote Access Feature
Safety Certification CE
Tamper Evident Status FIPS 140-1, level 2
EMI/RFI CISPR EN 55022B
