Media Flexibility | FIPS 140-2

Controls IP, SDI/Baseband/HDMI or Hybrid systems for complete design flexibility

Overview

The PESA Secura family of secure video distribution products, designed with security in mind, rely on the power and flexibility of Secura Command Center for configuration, control and management of the Secura workflow from source to glass. PESA’s A/V and KVM over IP solutions encompass multiple video, audio and control formats across multiple levels of authorization and access, with the Secura Command Center managing it all, seamlessly, within one system and simplifying the workflow and maintenance of the solution. 

Secura Command Center utilizes Arista enterprise COTS (Commercial Off-The-Shelf) network switches for network scalability, reliability and security. The PESA Secura A/V and KVM over IP distribution system and endpoints or nodes uses fixed-key AES-256 encryption to ensure that only the intended recipients can decrypt and access the media. With Security being our primary objective, it is no wonder why more military, government and corporations choose PESA for critical command and control (C2) environments.

Highlights

Media Flexibility

  • HDMI
  • SDI
  • IP
  • KVM
  • USB
  • 4K REALTIME VIDEO
  • HDR
  • AUDIO

Military Grade Security

  • FIPS 140-2
  • Common Access Card (CAC) compliant
  • AES256 Encryption
  • Multiple Independent Levels of Security (MILS)
  • CNSA (Suite-B) Compliant
  • Mutual Authentication
  • Multifactor Authentication
  • JITC IO Certification*

Central Control Interface

  • Video and audio devices
  • IP Ethernet Switches
  • KVM and USB
  • SDI / HDMI Baseband routers
  • Control Surfaces

Features

  • Provides an IP based central control manager for defining, configuring and managing video, audio and metadata as well as the inherent security classifications.
  • Works in small, physically-limited environments as well as large, distributed, network environments for complete system design elasticity.
  • Supports client - server architectures for enhanced physical security.
  • Uses servers in physically secure rack rooms, with secure thin/zero clients and endpoints providing authenticated and restricted access based on individual access authority.​
  • Open-Source Container architecture based on Docker and Kubernetes

 Secura Command Center defines, configures and manages all audio, video and USB signals as well as their inherent security classifications within one system, even as it scales. Common Access Card (CAC) authorization can be extended to CAC readers at locations where users needed to authenticate while secure PC or Thin Client assets remain in physically protected areas.

This Secura video, audio and KVM over IP distribution system can scale to thousands of endpoints utilizing the agile IP network fabric from Arista. Combining PESA Secura software with Arista network switches provides a robust IP architecture to deliver critical media signals when and where they are needed the most. The PESA Secura system was designed for demanding security requirements in order to protect sensitive assets from security breaches, insider threats and unauthorized use.  Each source and destination can be assigned a security level with fixed keys, along with transmit and receive endpoints according to their authorization assignment.

Typically housed in a secure and protected rack room environment, access to the physical device(s) is limited to authorized personnel and senior administration. The Secura Command Center is comprised of IP network services that include NMOS (Networked Media Open Specifications) registration and discovery, virtual matrix, and touch panel service combined with the legendary Cattrax / CattraxIP configuration tools. Collectively they manage and control the KVM or A/V over IP transmitters, receivers and HID/CAC USB devices.  Combined with a properly architected ethernet network the process is simple and extremely flexible.

  • NMOS – Networked Media Open Specification (NMOS) IS-04/05, from the Advanced Media Workflow Association (AMWA) is used for Registration and Discovery, identifying senders and receivers in the connected network. The Registration and Discovery Server (RDS) is additionally responsible for network names and addresses.
  • FIPS 140-2 – FIPS 140-2 encryption brings military-grade encryption audio, video and metadata essence flows. Secura A/V over IP and KVM endpoints support FIPS 140-2 encryption in accordance with the standards published by the National Institute of Standards and Technology (NIST).

Secura Command Center provides interfaces to control options, while PESA’s case-hardened encryption and FIPS 140-2 protects your content.

PESA can provide several options for authorized, physical control of media.

  • Hardware button panels
  • Software touch panels/surfaces may be incorporated into a system

Authorization examples for individuals to view and control media:

  • CAC (Conditional Access Card) or
  • Token Key device

Specs & Ordering Info

SPECS

Resolution:

Inputup to 4Kp60 4:4:4 (single cable) HD, Full HD, 4K UHD (4:4:4) plus HDR
Outputup to 4Kp60 4:4:4 (single cable) HD, Full HD, 4K UHD (4:4:4) plus HDR
Video Resolution Display FormatsMixed (Dynamic) EDID
Low latency ~1ms
AudioDolby, Mono, Stereo,5.1

 

I/O:

RJ451 Gb/s Copper Ethernet
RJ45 SFP10 Gbe Copper Ethernet
SFP/SFP+SFP+ 10Gb Fiber Ethernet (TRX)
HDMIHDMI 2.0 / HDCP 2.2 / HDMI 1.4 / HDMI 1.3
USB USB CAC / USB HID / USB KVM
POEYes (RJ45)
Display Port Yes, with converter
 

 

NETWORK:

SDNYes
Max Endpoints~1 Million plus+
TCP/IPYes
mDNSYes – Registration and Discovery (NMOS)
IGMPv3 Yes
Leaf/SpineYes
ARP No (Not Secure)
Open Architecture – Cloud Native Design 

 

Security:

Multi Factor AuthenticationYes
Number of Security Levelsunlimited
MILS LevelsYes
Video EncryptedYes (AES256)
Audio EncryptedYes (AES256)
USB Encrypted YES (PESA Crypto Module- FIPS Validated)
DoD APL and NIAP Secure SwitchYES (Arista with SDN and TPM)
NIST Certified FIPS 140-2 Encryption – YES!

 

Certifications:

PESA Crypto ModuleYes
NIST FIPS 140-2 Validation (CMVP)Yes (Cert 4021)
DoDIN APL SwitchesYes 
NIAP SwitchesYes
TAA Compliant Yes
Do Not Sell to US Adversaries YES

 

Environmental Specifications:

Operating Temperature0 – 40 °C
Humidity5% to 95%, non-condensing
ORDERING INFO

Secura Command Center Software

SEC-IP-SCSWSecura crypto and system control software annual license – Year 1
IPSWMSecura crypto and system control software term license – Year 2-4

 

Secura Command Center Hardware

SEC-IP-SCH-250Secura Server, System Controller Hardware, 2RU, for up to 250 Endpoints
SEC-IP-SCH-250-RDRedundant Secura Server, Hardware, 2RU, for up to 250 Endpoints

 

Validated IP Switches and Accessories

PS-CCS-758-25-BNDArista 758 Chassis bundle. Includes 750X 8-slot Chassis, 1 Switch Card, 1 Sup25
PS-CCS-750X-48TP-LCArista 750 Series 48 port 1G PoE (30W) linecard
PS-PWR-3351-AC-REDArista 3300W AC PSU POE Front to Rear
PS-CCS-750-SCVRSpare Blank Cover for 750 Series Supervisor Slot
PS-CCS-750-LCVRSpare Blank Cover for 750 Series Linecard Slot
PS-CAB-C19-6-20Power Cord, NA, C19 – NEMA 6-20, 20A/250V, 2.5M, UL/CSA
PS-SVC-758XP-1M-NBA-Care Software & NBD Hardware Replacement/Same Day Ship for CCS-758 Arista Networks (year 1-4)
Additional Information on Arista 750 Series SwitchesLink to Arista 750 IP Switches 

 

Secura Services and Extended Maintenance Options

OSC-DOM-DY1Domestic On-site Commissioning Day 1 (per 8 hour day)(North America only)
OSC-DOM-ADDLDYSDomestic On-site Commissioning Additional Days (per 8 hour day)(North America only)
IPEXWExtension of warranty for hardware items (year 2-4)

For Endpoint and Panel parts please see respective pages.

Please contact us at sales@pesa.com for more information.

Additional Resources

Brochure: Secura Command Center

Brochure: Secura Navigator Touch Panel

Please contact support@pesa.com or sales@pesa.com for additional user guides or product manuals.