Media Flexibility | FIPS 140-2

Controls IP, SDI/Baseband/HDMI or Hybrid systems for complete design flexibility

Secure

Overview

The PESA Secura family of secure video distribution products, designed with security in mind, rely on the power and flexibility of Secura Command Center for configuration, control and management of the Secura workflow from source to glass. PESA’s A/V and KVM over IP solutions encompass multiple video, audio and control formats across multiple levels of authorization and access, with the Secura Command Center managing it all, seamlessly, within one system and simplifying the workflow and maintenance of the solution. 

Secura Command Center utilizes Arista enterprise COTS (Commercial Off-The-Shelf) network switches for network scalability, reliability and security. The PESA Secura A/V and KVM over IP distribution system and endpoints or nodes uses fixed-key AES-256 encryption to ensure that only the intended recipients can decrypt and access the media. With Security being our primary objective, it is no wonder why more military, government and corporations choose PESA for critical command and control (C2) environments.

Highlights

Media Flexibility

  • HDMI
  • SDI
  • IP
  • KVM
  • USB
  • 4K REALTIME VIDEO
  • HDR
  • AUDIO

Military Grade Security

  • FIPS 140-2
  • Common Access Card (CAC) compliant
  • AES256 Encryption
  • Multiple Independent Levels of Security (MILS)
  • CNSA (Suite-B) Compliant
  • Mutual Authentication
  • Multifactor Authentication
  • JITC IO Certification*

Central Control Interface

  • Video and audio devices
  • IP Ethernet Switches
  • KVM and USB
  • SDI / HDMI Baseband routers
  • Control Surfaces

Features

  • Provides an IP based central control manager for defining, configuring and managing video, audio and metadata as well as the inherent security classifications.
  • Works in small, physically-limited environments as well as large, distributed, network environments for complete system design elasticity.
  • Supports client - server architectures for enhanced physical security.
  • Uses servers in physically secure rack rooms, with secure thin/zero clients and endpoints providing authenticated and restricted access based on individual access authority.​
  • Open-Source Container architecture based on Docker and Kubernetes

AFCEA Webinar - ON-Demand Now Available

Where is your video at risk and what can be done to protect it?
Register to View NOW
Previous
Next

 Secura Command Center defines, configures and manages all audio, video and USB signals as well as their inherent security classifications within one system, even as it scales. Common Access Card (CAC) authorization can be extended to CAC readers at locations where users needed to authenticate while secure PC or Thin Client assets remain in physically protected areas.

This Secura video, audio and KVM over IP distribution system can scale to thousands of endpoints utilizing the agile IP network fabric from Arista. Combining PESA Secura software with Arista network switches provides a robust IP architecture to deliver critical media signals when and where they are needed the most. The PESA Secura system was designed for demanding security requirements in order to protect sensitive assets from security breaches, insider threats and unauthorized use.  Each source and destination can be assigned a security level with fixed keys, along with transmit and receive endpoints according to their authorization assignment.

Typically housed in a secure and protected rack room environment, access to the physical device(s) is limited to authorized personnel and senior administration. The Secura Command Center is comprised of IP network services that include NMOS (Networked Media Open Specifications) registration and discovery, virtual matrix, and touch panel service combined with the legendary Cattrax / CattraxIP configuration tools. Collectively they manage and control the KVM or A/V over IP transmitters, receivers and HID/CAC USB devices.  Combined with a properly architected ethernet network the process is simple and extremely flexible.

  • NMOS – Networked Media Open Specification (NMOS) IS-04/05, from the Advanced Media Workflow Association (AMWA) is used for Registration and Discovery, identifying senders and receivers in the connected network. The Registration and Discovery Server (RDS) is additionally responsible for network names and addresses.
  • FIPS 140-2 – FIPS 140-2 encryption brings military-grade encryption audio, video and metadata essence flows. Secura A/V over IP and KVM endpoints support FIPS 140-2 encryption in accordance with the standards published by the National Institute of Standards and Technology (NIST).

Secura Command Center provides interfaces to control options, while PESA’s case-hardened encryption and FIPS 140-2 protects your content.

PESA can provide several options for authorized, physical control of media.

  • Hardware button panels
  • Software touch panels/surfaces may be incorporated into a system

Authorization examples for individuals to view and control media:

  • CAC (Conditional Access Card) or
  • Token Key device

Applications

Military and Defense

Military

Government

Government

Broadcast

Entertainment

Entertainment

Medical

Medical

Specs & Ordering Info

SPECS

 

A/V Flow Connections

1 Gb/sEthernet copper using RJ-45
10 Gb/sEthernet fiber using SFP+
StandardsSMPTE ST 259; ST 292; ST 424; ST 2081-1 and ST 2082-1, DVB-ASI (270 Mbps) and MADI (125Mbps)
System re-clocked data rates
(Inputs & Outputs)		MADI-125 Mbps; SD-270 Mbps; HD-1.485 Gbps; 3G-2.97 Gbps; 6G-5.94 Gbps; and 12G-11.88 Gbps
Power< 11 W (No I/O blade attached and no video)
*Must be paired with either HDBNC I/O Blade or SFP I/O Blade

12G Multi-Rate HDBNC I/O Blade:*

Input ports per I/O Blade16
Output ports per I/O Blade16
StandardsSMPTE ST 259; ST 292; ST 424; ST 2081-1 and ST 2082-1, DVB-ASI (270 Mbps) and MADI (125Mbps)
Auto-AdaptiveAll inputs from 19 Mbps to 12Gbps
System re-clocked data rates
(Inputs & Outputs)		MADI-125 Mbps; SD-270 Mbps; HD-1.485 Gbps; 3G-2.97 Gbps; 6G-5.94 Gbps; and 12G-11.88 Gbps
Connector TypeHD-BNC
Power< 6 W (No video signals attached)
*Must be paired with Digital I/O Card

12G Multi-Rate SFP I/O Blade:*

Input module capacity modules8 Dual RX cages for non-MSA SFP
Output module capacity modules8 Dual TX cages for non-MSA SFP
Power< 29 W with 8 dual, 3G optical TX and 8 dual, 3G optical RX modules installed (with no video signals attached)
*Must be paired with Digital I/O Card

Digital Video Specifications:

StandardsSMPTE ST 259; ST 292; ST 424; ST 2081-1 and ST 2082-1
Re-clocking data rates270 Mbps, 1.485 Gbps, 2.97 Gbps, 5.94 Gbps, and 11.88 Gbps

Input return loss:

5 MHz to 1.5 MHz-17dB Max. -18dB Typical
1.5 GHz to 3 GHz-12dB Max. -13dB Typical
3 GHz to 6 GHz-7dB Max. -19dB Typical
6 GHz to 12 GHz-6dB Max. -8dB Typical

Output return loss:

5 MHz to 1.5 MHz15dB Min. 26dB Typical
1.5 GHz to 3 GHz10dB Min. 17dB Typical
3 GHz to 6 GHz7dB Min. 12dB Typical
6 GHz to 12 GHz4dB Min. 8.5 Typical

SFP Modules available for Receiver (Input) SFP cages:

Dual analog input, NTSC or PAL to SD decoders, HDBNC
Single channel HDMI to HD-SDI converter
Dual channel receivers, 3G-Multi-rate, HDBNC modules for coax
Dual channel receivers, 12G-Multi-rate, HDBNC modules for coax
Dual channel receivers, 3G multi-rate, optical, single-mode, 1310nm for fiber interface
Single channel, SMPTE ST 2022-6, Optical Receiver SFP Module (10Ge)

SFP Modules available for Xmtr (Output) SFP cages:

Single channel HD-SDI to HDMI converter
Dual channel transmitters, 3G-Multi-rate, HDBNC modules for coax
Dual channel transmitters, 12G-Multi-rate, HDBNC modules for coax
Dual channel transmitters, 3G-multi-rate, optical, single-mode, 1310nm for fiber interface
Single channel, SMPTE ST 2022-6, Optical Transmitter SFP Module (10Ge)
Dual channel, 3G Multirate, Optical, single-mode, CWDM transmitter SFP Modules, multiple wavelengths

Frame Specifications:

Width19″ Rack Mount
Height31.5″ (18 RU)
15.75″ (9RU)
Depth18.7″
Population36 I/O Cards (18RU)
18 I/O Cards (9RU)

Power:

288 x 288 Frame (up to 2x1600W PS)380W Typical (15 Amp)
576 x 576 Frame (up to 4x1600W PS)850W Typical (15 Amp)

Environmental Specifications:

Operating Temperature0 – 40 °C
Humidity5% to 95%, non-condensing
ORDERING INFO

Secura Command Center Software

SEC-IP-SCSWSecura crypto and system control software annual license – Year 1
IPSWMSecura crypto and system control software term license – Year 2-4

 

Secura Command Center Hardware

SEC-IP-SCH-250Secura Server, System Controller Hardware, 2RU, for up to 250 Endpoints
SEC-IP-SCH-250-RDRedundant Secura Server, Hardware, 2RU, for up to 250 Endpoints

 

Validated IP Switches and Accessories

PS-CCS-758-25-BNDArista 758 Chassis bundle. Includes 750X 8-slot Chassis, 1 Switch Card, 1 Sup25
PS-CCS-750X-48TP-LCArista 750 Series 48 port 1G PoE (30W) linecard
PS-PWR-3351-AC-REDArista 3300W AC PSU POE Front to Rear
PS-CCS-750-SCVRSpare Blank Cover for 750 Series Supervisor Slot
PS-CCS-750-LCVRSpare Blank Cover for 750 Series Linecard Slot
PS-CAB-C19-6-20Power Cord, NA, C19 – NEMA 6-20, 20A/250V, 2.5M, UL/CSA
PS-SVC-758XP-1M-NBA-Care Software & NBD Hardware Replacement/Same Day Ship for CCS-758 Arista Networks (year 1-4)
Additional Information on Arista 750 Series SwitchesLink to Arista 750 IP Switches 

 

Secura Services and Extended Maintenance Options

OSC-DOM-DY1Domestic On-site Commissioning Day 1 (per 8 hour day)(North America only)
OSC-DOM-ADDLDYSDomestic On-site Commissioning Additional Days (per 8 hour day)(North America only)
IPEXWExtension of warranty for hardware items (year 2-4)

For Endpoint and Panel parts please see respective pages.

Please contact us at sales@pesa.com for more information.

Additional Resources

Brochure: Secura Command Center

Brochure: Secura Navigator Touch Panel

Please contact support@pesa.com or sales@pesa.com for additional user guides or product manuals.