By: Carlo Munoz, Jane's International Defence Review, Published on July 1, 2020

The US National Security Agency (NSA) is poised to certify General Dynamics’ TACLANE-ES10 network encryptor for secure Layer 2 data transmissions, making it one of the first network encryption systems for ethernet data transfers to achieve the agency’s Type 1 certification.

Company officials anticipate the final certification review process to determine whether the TACLANE-ES10 meets the agency’s Type 1 security specification standards within the next three months, General Dynamics' Chief Technical Officer for Cyber Systems Dave King said. Programme officials have already completed initial agency reviews of the platform’s concept, design, and software development over the last year, King said on 11 June.

The TACLANE-ES10 will be the first to market of its type of encryption system that meets the National Security Agency’s newest security specifications, geared toward secure or sensitive data passed through ethernet connections. “It is specifically designed for this [NSA] specification, so it is not a half of an encryptor of one kind and a half of an encryptor of another kind, it really is trying to meet ... the beginning of the backbone” of the TACLANE family of encryptors for secure network communications, he said.

The NSA certification process is expected to take an additional three months, meaning programme officials at General Dynamics would likely not receive final word on certification until the end of 2020, King explained. Agency officials signed off on Type 1 certification for the TACLANE-Nano in October 2019. The TACLANE-Nano is a smaller, ruggedised variant of the TACLANE-ES10 that supports asymmetric data transfers at up to 120 megabytes per second (MB/s) of aggregate throughput, a company fact sheet stated.

As designed, the TACLANE-ES10 will be capable of 20 gigabytes per second (Gb/s), providing enough computing and data transfer power to support expeditionary operations at the tactical level up to secured enterprise network communications. The goal, programme officials say, was to address encrypted data transmission requirements for tactical-level operations but also support encryption requirements for secure or classified interagency communications and data transfers within the United States, King said.

“You can probably reach out to the tactical world in some cases with 10 [gigabits]” per second, King explained, noting when those communications operations shift back to the continental United States between US intelligence communities, the gigabit speeds for Layer 2 protocol transmissions increase exponentially. Being able to address that spectrum of gigabyte speed, from the battlefield to the agency or department level, is a key capability of the TACLANE-ES10. That 20 Gb/s speed will also allow the TACLANE-ES10 to “address data centre and campus interoperability, cloud and big data processing,” the fact sheet stated.

The software architecture in the TACLANE-ES10 will be the basis of a family of future TACLANE encryption systems, designed to handle Layer 2 secure communications across the spectrum of gigabit speed requirements, he said. The TACLANE-ES100, which will transmit at 100 gigabits per second, is the next variant of the company’s new family of encryption systems and is expected to be released by 2021, King said. “Probably a year after that, we [will] have the design going in for 400 gigabits all the way to 1.6 terabits,” he said, regarding future iterations of the system in the coming years.

The TACLANE-ES10 is generally designed for use aboard tactical wheeled vehicles and larger unmanned aerial systems (UAS), King said. “The [US] Army is a big user of network encryptors ... and [the TACLANE-ES10] is capable of being deployed in any experiment or fielded operation,” including those focused on development of the service’s Integrated Tactical Network (ITN) initiative, he added.

The encryption capability development work on the TACLANE-ES10 was rooted in already matured variants of High Assurance Internet Protocol Encryptor (HAIPE) technology for Layer 3 or networking layer encryption, which company officials have provided to end users for over two decades, King said. The TACLANE-Nano system certified by the NSA was HAIPE v4.2.5 compliant, according to the fact sheet. That software development work also included selective adoption of open architecture standards. Critics claim use of open architecture standards sacrifices security in favour of rapid software and system upgrade capabilities.

But in the TACLANE-ES10 development, open architecture standards were only leveraged on elements outside of the system’s portfolio of critical capabilities, King explained.

“There is a lot of good work going on in open standards [architecture], we recognise that and the NSA recognises that,” he said. “When we develop our architecture, there is an envelope ... of critical capability inside the encryptor. And within that envelope, you really want to know who it was that wrote [the code]” he explained. But outside that core set of critical capabilities, “then open standards stuff is fair game ... [and] we try to blend the best of both worlds,” King added.

Comment
NSA certification of the new TACLANE-ES10 network encryption system to the agency’s Level 1 standards could be a huge win for network security requirements for the Army’s ITN. The ground service is already the largest consumer of fixed and mobile network encryption technologies. As testing and experimentation progresses throughout the ITN’s various capability sets, service leaders will likely look to push the effective ranges for network communications – from mobile to ground station-based terrestrial datalinks to space-based satellite communications – and advanced encryption systems with increasing Mb/s and Gb/s speeds will only become more in demand to meet those requirements.

Note - This article was republished with the permission of Jane's International Defence Review.