Media Flexibility | FIPS 140-2
Controls IP, SDI/Baseband/HDMI or Hybrid systems for complete design flexibility
Overview
The PESA Secura family of secure video distribution products, designed with security in mind, rely on the power and flexibility of Secura Command Center for configuration, control and management of the Secura workflow from source to glass. PESA’s A/V and KVM over IP solutions encompass multiple video, audio and control formats across multiple levels of authorization and access, with the Secura Command Center managing it all, seamlessly, within one system and simplifying the workflow and maintenance of the solution.
Secura Command Center utilizes Arista enterprise COTS (Commercial Off-The-Shelf) network switches for network scalability, reliability and security. The PESA Secura A/V and KVM over IP distribution system and endpoints or nodes uses fixed-key AES-256 encryption to ensure that only the intended recipients can decrypt and access the media. With Security being our primary objective, it is no wonder why more military, government and corporations choose PESA for critical command and control (C2) environments.
Highlights
Media Flexibility
- HDMI
- SDI
- IP
- KVM
- USB
- 4K REALTIME VIDEO
- HDR
- AUDIO
Military Grade Security
- FIPS 140-2
- Common Access Card (CAC) compliant
- AES256 Encryption
- Multiple Independent Levels of Security (MILS)
- CNSA (Suite-B) Compliant
- Mutual Authentication
- Multifactor Authentication
- JITC IO Certification*
Central Control Interface
- Video and audio devices
- IP Ethernet Switches
- KVM and USB
- SDI / HDMI Baseband routers
- Control Surfaces
Features
- Provides an IP based central control manager for defining, configuring and managing video, audio and metadata as well as the inherent security classifications.
- Works in small, physically-limited environments as well as large, distributed, network environments for complete system design elasticity.
- Supports client - server architectures for enhanced physical security.
- Uses servers in physically secure rack rooms, with secure thin/zero clients and endpoints providing authenticated and restricted access based on individual access authority.
- Open-Source Container architecture based on Docker and Kubernetes
Secura Command Center defines, configures and manages all audio, video and USB signals as well as their inherent security classifications within one system, even as it scales. Common Access Card (CAC) authorization can be extended to CAC readers at locations where users needed to authenticate while secure PC or Thin Client assets remain in physically protected areas.
This Secura video, audio and KVM over IP distribution system can scale to thousands of endpoints utilizing the agile IP network fabric from Arista. Combining PESA Secura software with Arista network switches provides a robust IP architecture to deliver critical media signals when and where they are needed the most. The PESA Secura system was designed for demanding security requirements in order to protect sensitive assets from security breaches, insider threats and unauthorized use. Each source and destination can be assigned a security level with fixed keys, along with transmit and receive endpoints according to their authorization assignment.
Typically housed in a secure and protected rack room environment, access to the physical device(s) is limited to authorized personnel and senior administration. The Secura Command Center is comprised of IP network services that include NMOS (Networked Media Open Specifications) registration and discovery, virtual matrix, and touch panel service combined with the legendary Cattrax / CattraxIP configuration tools. Collectively they manage and control the KVM or A/V over IP transmitters, receivers and HID/CAC USB devices. Combined with a properly architected ethernet network the process is simple and extremely flexible.
- NMOS – Networked Media Open Specification (NMOS) IS-04/05, from the Advanced Media Workflow Association (AMWA) is used for Registration and Discovery, identifying senders and receivers in the connected network. The Registration and Discovery Server (RDS) is additionally responsible for network names and addresses.
- FIPS 140-2 – FIPS 140-2 encryption brings military-grade encryption audio, video and metadata essence flows. Secura A/V over IP and KVM endpoints support FIPS 140-2 encryption in accordance with the standards published by the National Institute of Standards and Technology (NIST).
Secura Command Center provides interfaces to control options, while PESA’s case-hardened encryption and FIPS 140-2 protects your content.
PESA can provide several options for authorized, physical control of media.
- Hardware button panels
- Software touch panels/surfaces may be incorporated into a system
Authorization examples for individuals to view and control media:
- CAC (Conditional Access Card) or
- Token Key device
Applications
Specs & Ordering Info
Resolution:
| Input | up to 4Kp60 4:4:4 (single cable) HD, Full HD, 4K UHD (4:4:4) plus HDR |
| Output | up to 4Kp60 4:4:4 (single cable) HD, Full HD, 4K UHD (4:4:4) plus HDR |
| Video Resolution Display Formats | Mixed (Dynamic) EDID |
| Low latency | ~1ms |
| Audio | Dolby, Mono, Stereo,5.1 |
I/O:
| RJ45 | 1 Gb/s Copper Ethernet |
| RJ45 SFP | 10 Gbe Copper Ethernet |
| SFP/SFP+ | SFP+ 10Gb Fiber Ethernet (TRX) |
| HDMI | HDMI 2.0 / HDCP 2.2 / HDMI 1.4 / HDMI 1.3 |
| USB | USB CAC / USB HID / USB KVM |
| POE | Yes (RJ45) |
| Display Port | Yes, with converter |
NETWORK:
| SDN | Yes |
| Max Endpoints | ~1 Million plus+ |
| TCP/IP | Yes |
| mDNS | Yes – Registration and Discovery (NMOS) |
| IGMPv3 | Yes |
| Leaf/Spine | Yes |
| ARP | No (Not Secure) |
| Open Architecture – Cloud Native Design | |
Security:
| Multi Factor Authentication | Yes |
| Number of Security Levels | unlimited |
| MILS Levels | Yes |
| Video Encrypted | Yes (AES256) |
| Audio Encrypted | Yes (AES256) |
| USB Encrypted | YES (PESA Crypto Module- FIPS Validated) |
| DoD APL and NIAP Secure Switch | YES (Arista with SDN and TPM) |
| NIST Certified FIPS 140-2 Encryption – YES! | |
Certifications:
| PESA Crypto Module | Yes |
| NIST FIPS 140-2 Validation (CMVP) | Yes (Cert 4021) |
| DoDIN APL Switches | Yes |
| NIAP Switches | Yes |
| TAA Compliant | Yes |
| Do Not Sell to US Adversaries | YES |
Environmental Specifications:
| Operating Temperature | 0 – 40 °C |
| Humidity | 5% to 95%, non-condensing |
Secura Command Center Software
| SEC-IP-SCSW | Secura crypto and system control software annual license – Year 1 |
| IPSWM | Secura crypto and system control software term license – Year 2-4 |
Secura Command Center Hardware
| SEC-IP-SCH-250 | Secura Server, System Controller Hardware, 2RU, for up to 250 Endpoints |
| SEC-IP-SCH-250-RD | Redundant Secura Server, Hardware, 2RU, for up to 250 Endpoints |
Validated IP Switches and Accessories
| PS-CCS-758-25-BND | Arista 758 Chassis bundle. Includes 750X 8-slot Chassis, 1 Switch Card, 1 Sup25 |
| PS-CCS-750X-48TP-LC | Arista 750 Series 48 port 1G PoE (30W) linecard |
| PS-PWR-3351-AC-RED | Arista 3300W AC PSU POE Front to Rear |
| PS-CCS-750-SCVR | Spare Blank Cover for 750 Series Supervisor Slot |
| PS-CCS-750-LCVR | Spare Blank Cover for 750 Series Linecard Slot |
| PS-CAB-C19-6-20 | Power Cord, NA, C19 – NEMA 6-20, 20A/250V, 2.5M, UL/CSA |
| PS-SVC-758XP-1M-NB | A-Care Software & NBD Hardware Replacement/Same Day Ship for CCS-758 Arista Networks (year 1-4) |
| Additional Information on Arista 750 Series Switches | Link to Arista 750 IP Switches |
Secura Services and Extended Maintenance Options
| OSC-DOM-DY1 | Domestic On-site Commissioning Day 1 (per 8 hour day)(North America only) |
| OSC-DOM-ADDLDYS | Domestic On-site Commissioning Additional Days (per 8 hour day)(North America only) |
| IPEXW | Extension of warranty for hardware items (year 2-4) |
For Endpoint and Panel parts please see respective pages.
Please contact us at sales@pesa.com for more information.
Additional Resources
Brochure: Secura Command Center
Brochure: Secura Navigator Touch Panel
Please contact support@pesa.com or sales@pesa.com for additional user guides or product manuals.
For additional information on Secura VDS-IP:
Secura Videos: YouTube Channel
Press Release: PESA Releases Secura LION
Press Release: PESA Secura Complies with CNSA Cybersecurity Requirements
Press Release: PESA Releases Secura VDS-IP
Related Product Pages:
Secura Navigator Control Panel
Related Applications Pages: