Nebraska's Oldest and Largest Linux Source

| Home Page | Security Products | Linux Distributions | Novell Products | Appgen Products | Misc Linux |

Wireline Performance Encryption Speeds for Ethernet Networks

Performance is Maintained Through the Use of RedCreek's Cryptocore™ Technology

The RedCreek Ravlin 4 is a cost-effective network security solution that performs encryption and decryption with a throughput of 40% of the theoretical maximum of Ethernet. Network administrators use it to establish private communications within secure intranets (as between corporate divisions, workgroups, branch offices, and individuals) or within secure extranets (as between customers, suppliers, and strategic partners.) Its low cost lets organizations establish security over private or public IP networks quickly and easily.

The Ravlin 4 is typically installed behind an access router connected to a full-duplex T1/E1 wide-area network (WAN) circuit. It provides data privacy using industry-standard 40-bit/56-bit DES and 168-bit Triple DES encryption. Authentication and access control with DSS (Digital Signature Standard), Diffe-Hellman key exchange, X.509 v.3 digital certificates, and ISAKMP/Oakley key management. These security standards are part of the Internet Engineering Task Force (IETF) IP Security Standard (IPSec).

Download PDF of Ravlin 4 data sheet.

Button Map

Features and Benefits

IP Security Standard (IPSec)
Fast Encryption: Wireline Performance/No Network Degradation
Ease of Implementation and Administration
Low Cost of Ownership
Standards-Based Security/Management
Protocol Support

IP Security Standard (IPSec)
Ravlin 4 firmware contains all components of the Internet Engineering ask Force (IETF) IP Security Standard (IPSec) for enhanced network security. IPSec is the most secure and comprehensive standard available today for encryption, authentication, key management, and anti-replay services.

IPSec protocol interoperability allows the exchange of keys and encrypted communications with all other IPSec-compliant products, so customers can use different IPSec vendors for multiple scenarios. RedCreek can provide a list of IPSec interoperability partners.

Fast Encryption: Wireline Performance without Network Degradation
Third-party tested and validated at encryption/decryption speeds of 40% of the theoretical maximum of Ethernet for all packet sizes.

Ease of Implementation and Administration
Integrates easily into existing networks through 10BaseT inputs and outputs. Secure download of product upgrades to Ravlin 4 flash memory. Easy device management through embedded SNMP agent and industry-standard SNMP MIB II.

The Ravlin 4 firmware supports the strongest suite of IPSec network security enforcement features available today. Using RavlinNodeManager to configure the unit, the network administrator can choose between several different secure VPN modes.

Return to top

ESP (Encapsulated Security Protocol) Tunnel Mode
This mode provides the highest level of security between gateways while the payload information and the original IP header is encrypted and encapsulated. The original IP datagram is encapsulated in a new IP packet using a new IP address as the source/destination of the packet.

ESP (Encapsulated Security Protocol) Transport Mode
In ESP Transport mode, only the payload of the original IP datagram is encrypted. Like ESP Tunnel mode, ESP Transport mode uses 40-bit/56-bit DES or 168-bit Triple DES. Ravlin 4 units also support Authentication Header (AH) Transport mode and Authentication Header (AH) Tunnel mode, which use strong authentication and anti-replay to secure IP datagrams without encrypting the data payload. ESP Transport mode uses hashing methods to ensure that the data stream is not modified.

Encrypt-in-Place (EIP) Mode
In EIP mode, only the payloads of IP datagrams are encrypted. Like ESP mode, EIP mode can use 40-bit/56-bit DES or 168-bit Triple DES. EIP mode is a RedCreek proprietary secure VPN technology. Although EIP mode is not part of the IPSec standard, it combines high speed with all levels of encryption.

Anti-Replay Service and Use of Unique X .509 v .3 Certificates
Ravlin 4 uses IPSec anti-replay services to prevent intruders from inserting rogue packets into a data stream. With anti-replay service, each IP datagram passing within the secure association is tagged with a sequence number. On the receiving end, the datagram is blocked if its sequence number does not fall within a pre-specified range of sequence numbers.

The Ravlin 4 supports any unique X.509 v.3 digital certificate for strong user authentication and policy management. This lets network administrators integrate Ravlin 4 units into the Public Key Infrastructure (PKI) programs for additional levels of authentication and strong network security policy management.

Return to top

Standards-Based Security/Management

  • ISAKMP/Oakley for key management
  • Encapsulated Tunneling (IPESP) for interoperability with firewalls
  • Standard 10BaseT inputs and outputs to drop into any Ethernet AH network
  • Operates at ISO Network layer 3, making it application independent
Low Cost of Ownership
  • Preserves investments in existing network hardware and software by dropping transparently into the network without requiring modification to the existing network infrastructure.
  • Delivers best price and performance for network security products.
  • Allows significant network cost savings by ensuring secure communications and data privacy over public networks like the Internet.
Return to top

Ravlin 4 Technical Specifications

40% of the theoretical maximum of Ethernet


1” H x 6” D x 4” W
0.39 cm H x 2.36 cm D x 1.58 cm W


5.9 oz. / 0.2 kg

LAN Interface

Two 10BaseT ports per device

Management Interfaces

10BaseT Ethernet (in-band)

Firmware Upgrades

Download to flash via RavlinNodeManager

Power Requirements

DC power—9- to 14-volt power supply at 1/2 amp. For use in a
110—120 VAC, 60-cycle unconditioned power environment. An international power supply is available.

Safety Certification




Return to top


Phone: (402) 932-7250
Email: sales@midwestlinux.com

| Home Page | Security Products | Linux Distributions | Novell Products | Appgen Products | Misc Linux |

100% Microsoft Free
Greater Omaha Chamber of CommerceRadiks Internet Access
Powered by Linux

Copyright © 1996, 1997, 1998, 1999 Paktronix Systems, LLC Revised March 7, 1999