Order Now

    Encrytion Solutions Featuring General Dynamics TACLANE Units

    Secure EncryptionDragonwave AirPair Radios Certified for Use with TACLANE Encryption

    Military and government users have long been concerned about using wireless to send classified or sensitive information. Now there's a solution to integrate wireless into your Information Assurance strategy utilizing DragonWave AirPair point-to-point radios and General Dynamics TACLANE encryption units!


    Whether your wireless network needs to ensure secure and reliable protection for classified information or send sensitive data at high speeds, encryption is the answer. The standard encryption found in most wireless products falls short when it comes to addressing the requirements of military and government users. DragonWave’s AirPair 100 radios have passed a critical milestone in secure wireless with certification to fully support Gerneral Dynamics TACLANE encryption units, enabling 99.999% availability in a easily deployable package to support high capacity voice, video, and data, applications.

    AirPair Security

    AirPair systems are highly resistant to data intercept and decoding. AirPair included a number of imbedded security aspects such as:

    • Directional Point-to-point communication
    • Narrow beamwidth
    • Bit-level data stream with AirPair syschronization and framing
    • AirPair authentication
    • Third-party TACLANE Encryption

    AirPair/TACLANE Integration


    The AirPair has been tested for inter-working and interoperability with:

    • TACLANE-Classic (10 Mbps half duplex Ethernet)
    • TACLANE-E100 (160 Mbps for E100 half/full duplex Ethernet)
    • Sectéra® INE

    The TACLANE and Sectéra® INE equipment have been determined to be fully compatible with AirPair.  AirPair introduced no perceived or measured performance reductions in any of the attributes of the above encryption systems.


     Additional AirPair Technical Details


    The AirPair systems are not susceptible to common wireless intrusion schemes for signal intercept and decoding. In order to even attempt to extract the signal, the intruder would have to execute an elaborate scheme, and would require:

    • Direct access to the LAN/WAN data stream at the customer premises via the network equipment such as Ethernet Switch or Router.
    • Direct physical access to the AirPair units, as well as gain access to appropriate usernames and passwords.
    • Direct inline access to the narrow-beam signal and must use a DragonWave AirPair system as the receiver. Other receivers will not be able to decode the AirPair synchronization and framing information.

    If data security over the physical LAN connection, by means of tapping into the Ethernet cable or Ethernet LAN device is a concern, DragonWave recommends the use of a Virtual Private Network (VPN) between the AirPair endpoints. A VPN creates a secure tunnel using techniques such as IPSec, which provides both authentication and encryption at the IP (Internet Protocol) level and in turn protects any protocol running above the IP level.


    Direct Access to the Radio Beam


    One of the most significant security aspects is that the narrow-beam signal (<2°) is transmitted as a series of bits with AirPair synchronization, requiring an AirPair unit located within the signal beam in order to capture any data. The receiving unit must be located directly in line with the narrow-beam signal. Even with no other security mechanism enabled, an intruder would be hard pressed to place an AirPair directly in the 2° signal path.  The narrow, directional radio beam itself is a formidable impediment to eavesdropping. For example, using a 24" antenna attached to a 23 GHz radio, the beamwidth of at the end of a 1 km link is only 29 meters. This means a receiving radio must be located within 14.5 meters on either side of the target receiving radio. The signal rolls off rapidly beyond the target radio location and signal interception would require a receiver sensitivity of –75 dBm in order to receive a clear signal at a distance of 2 km. This type of receiver would be an extremely high-performance device. 

    Scrambled Data Stream


    The signal contained in the AirPair data stream is encoded in such a manner as to present a seemingly random string of data bits. The user data is taken as a series of individual data bits and the AirPair framing and synchronization bits are interleaved in a proprietary manner. The receiving AirPair system extracts the framing and decodes the user data; only an AirPair system is able to extract the information. Idle time is filled with AirPair generated random patterns to further mask the user data.  With no standard framing and no start/stop indicators plus a data fill during idle time, it is extremely difficult for a sniffer device to decode the data.


    Authentication


    AirPair Authentication restricts an AirPair modem from communicating with other AirPair modems unless that other modem matches the authentication string. The AirPair system must authenticate with the peer in order to be able to receive data. Therefore, even if an AirPair system were place inline with the signal, it would not authenticate and begin to receive data if another AirPair system has already been authenticated. There are 2 authentication modes, namely Unique or Group authentication. Unique authentication is used in a point-to-point configuration where two AirPair systems wish to communicate with each other and no other system. Group authentication is used where a network of AirPair systems is in place. The system authenticates its peer approximately every 5 minutes. Authentication takes place out of band.

     

    Your Total SourceFor more information contact TESSCO
    at 800-472-7373 or by email.

    Back to Top