The World’s First FIPS 140-2 Compliant L2 / MACsec Network Encryption Appliance
Broadbridge Networks’ Legion Edge EncryptorTM is the first and ONLY MACsec based, plug-and-play, FIPS 140-2 Compliant network data encryption appliance featuring real time Netflow monitoring and reporting. Whether safeguarding corporate IP, or securing classified networks, Legion Edge Encryptor provides highly scalable, low latency, secure data transport for all data planes, at line rates up to 100Gbit.
Not only is the Legion Edge Encryptor more secure than IPsec based solutions, it’s less than half the cost of traditional Ethernet VPN (EVPN) offerings. Certified on Red Hat Enterprise Linux in full FIPS mode.
Unlike IPsec, MACsec can secure all traffic within a LAN, including DHCP and ARP, as well as traffic from higher layer protocols.
Legion Encryptor can be layered for classified deployments, or combined with IPsec VPN solutions depending on the specific security requirement.CLASSIFIED EXAMPLE
Multi-Site Connectivity Features for Classified
Key features for administrators requiring solutions supporting the interconnection of two or more networks operating at the same security level via encrypted tunnels, where the security level encompasses the classification level.
ALL PLANE ENCRYPTION
All Data Plane, Management Plane, and Control Plane (DHCP, NDP, ARP,DNS, NTP,PTP,RIP,OSPF) traffic is encrypted.
Meets NSA requirement for MACsec-encrypted traffic encapsulation when MACsec is the first layer of encryption in a MSC Solution.
FLOW DATA COLLECTION
Optional Flow Data Collection & analysis meets MSC-MR-26 for Red Network boundary deployments. Solution is fully integrated/logged.
FIPS 140-2 Compliant & Meets NSA CSfC audit requirements MSC-AU-1, 2, 4, 5, 6, 7, 8, & MSC-RB-11 (role-based access control).
Solutions for Networks of All Speeds
Point-to-Point and Point-to-Multipoint Tunneling for all network speeds from 1Gbit to 100Gbit. FIPS 140-2 Compliant AES-GCM-128/256 bit Encryption**, Optional Hardware Security Module (HSM) for Key Derivation and Storage, Dedicated Out-of-Band Management Ethernet Port, Real TIme Traffic Analysis***
** Subject to Export Restrictions
*** Add on feature
Affordable, line rate conectivity for networks between 1Gbit (RJ45) & 10Gbit (SFP+). Supporting both NSA B-Suite & CNSA Compliant point to point, or point-to-multipoint MACsec encryption over public networks.
Dell VEP 1425/1445/1485
Line rate conectivity at 25-50Gbit with the Nvidia/Mellanox SmartNIC (QSFP56). Supporting both NSA B-Suite & CNSA Compliant point to point, or point-to-multipoint MACsec encryption over public networks.
Dell Poweredge 6515
Line rate conectivity for point-to-point, or point-to-multipoint at 100Gbit with the Nvidia/Mellanox SmartNIC (QSFP56). Supporting NSA B-Suite & CNSA Compliant MACsec encryption over public networks.
Dell Poweredge 6515
Up to 200Gbit aggregate point-to-point, or point-to-multipoint connectivity. Dual Nvidia/Mellanox SmartNICs (QSFP56) supporting NSA B-Suite & CNSA Compliant MACsec encryption over public networks.
Dell Poweredge 6525
Security Solutions You Can Trust
Legion EncryptorTM is a tested, verified, and supported enterprise-grade Red Hat Certified Technology, available on Dell Virtual Edge and Poweredge servers.