The National Security Agency (NSA) recently launched the Commercial Solutions for Classified (CSfC) program enabling organizations to transmit classified information using commercial-grade encryption solutions, eliminating the need for expensive, difficult-to-use classified equipment. The enabling technology for this program is an architecture that consists of two layers of Suite B cryptography, and thus these systems are often referred to as Suite B solutions.

CSfC enables access to classified information using inexpensive, commercial technologies – benefiting warfighters by:

  • Reducing equipment costs
  • Simplifying equipment handling/security procedures
  • Simplifying training
  • Enabling US coalition partners to access classified information, without taking possession of controlled cryptographic items (CCI)
  • Enabling WAN and wireless access (Wi-Fi and LTE) to classified information without the need for expensive, highly controlled hardware products

PacStar’s proprietary products, technical expertise, integration, test and certification experience in deployed and fixed networking systems based on commercial-off-the-shelf (COTS) equipment provide our customers with a one-stop shop for CSfC solutions. Our CSfC solutions include:

IQ-Core® Software CSfC Plug-in

IQ-Core Software CSfC Plug-in can overcome the added complexity and training burden imposed by two layers of encryption, by simplifying the setup, configuration and management of the underlying equipment used in CSfC solutions. Our management software:

  • Enables the deployment of CSfC solutions, with attendant benefits, while reducing the amount of added complexity and training
  • Provides a unified interface (“a single pane of glass”) to underlying equipment from multiple vendors
  • Provides means to monitor multiple sets of equipment, in fixed/branch office and deployed settings, so that untrained operators can manage the equipment

IQ-Core Software delivers these benefits because it is a robust communications management software platform providing:

  • An intuitive user interface making set-up and operation by non-technical personnel quick and easy to learn with significantly fewer mis-configuration errors
  • Powerful wizards and alerts with a common user interface across all hardware and software components automating complex and routine tasks
  • Interoperability with a broad range of tactical and enterprise communications hardware and systems, enabling easy, consistent operation even with upgrade and replacement of system components
  • An extension of advanced IP-enabled unified communications (voice, video, data sharing, etc.) to the edge without increase in complexity of operation
  • Vendor agnostic remote management with the ability to monitor, change device configurations and troubleshoot from anywhere in the world

IQ-Core Software CSfC Plug-in adds specific CSfC functionality to support the above devices, as follows:

  • VPN setup/configuration wizards
  • VPN monitoring
  • Digital certificate generation and Certificate Authority management wizards

The VPN setup and certificate wizards reduce the complexity of providing the correct information to the CSfC devices by providing step-by-step wizards, insulating lightly trained users from dealing with the command line interfaces and multiple UIs from underlying devices. » To learn more

PacStar IQC Software

PacStar 400-Series Tactical Hardware and Compact Case Solution

  • Based on Cisco ESR 5915, Cisco ES 2020, Aruba VMC, Hypori ACE and other networking technologies from leading providers, providing CSfC compliant encryption capabilities
  • Integrated power supplies that run on tactical radio batteries, wide range DC input and worldwide AC input
  • Snap-together design enables quick expansion with other PacStar 400-series products and quick reconfiguration of modules and chassis
  • Continuous runtime with hot swappable batteries
  • Regulated 12 V DC output supports powering other accessories
  • Extensively MIL-STD 810G environmentally tested for temperature, shock, and vibration
  • Typical module weight: 2.5 lbs.
  • Typical module dimensions: 5.3” x 7.1” x 1.6”
  • Module choices: 441 (router), 442 (switch), 451 (server), 461 (RoIP), 462 (analog voice) and more

Use your choice of modules alone or in PacStar flexible case solutions

  • PacStar Pelican™ Case Systems
  • PacStar Smart Chassis
  • PacStar Desktop Chassis
  • PacStar Mini-Transit Case
  • Rack Mount Systems

» To learn more

400-Series Solutions

PacStar Enterprise IT Solutions

PacStar, as a leading provider of integrated, on-base, fixed infrastructure LAN/WLAN solutions, has developed extensive testing and integration expertise in relevant networking and communications technologies, leveraging our long history working with many industry-leading networking OEMs and vendors including Cisco, Brocade, Aruba Networks, and Riverbed.

PacStar is a leading provider of LAN equipment through our Enterprise IT Solutions division, offering CSfC approved products from manufacturers, including:

  • Aruba Networks
  • Cisco Systems
  • Microsoft

PacStar is also working with additional major networking companies to develop unannounced CSfC solutions. Contact us for quotes on solutions that meet your needs. » To learn more

Putting It All Together

Because of the modularity and flexibility of PacStar products, we can deliver many CSfC configurations, depending on your use cases, size of team, and other requirements. Configurations can include systems to meet the CSfC VPN CP, Campus WLAN CP, and Mobile Access CP. Just one example configuration is show below.

CSfC Topology

This configuration uses the VPN capabilities package to provide classified information over a WAN link.

Key aspects of the architecture include:

  • PacStar 451 with Aruba VMC-T provide the outer WAN VPN tunnel – the first layer of the two-layer CSfC solution. This VPN is terminated at the reachback facility at an organization’s headquarters – where the Aruba VPN is typically terminated by another Aruba MC
  • PacStar 441 router using Cisco ESR 5915 provides the second layer of encryption by utilizing Cisco VPN technology, as required by CSfC. This router additionally provides enclave routing services such as gateway functions, setup of VLANs separating voice and data, and policy based routing – enabling WAN optimization solutions to be forward deployed and applied to data VLANs – as well as providing failover
  • PacStar 442 provides network access for end instruments
  • PacStar 451 with Riverbed Virtual Steelhead provide WAN optimization, and PacStar IQ-Core Software’s server provides the monitoring and management of the system as a whole
  • PacStar IQ-Core Software simplifies the setup, configuration and management of the underlying equipment