Featured image

MIL-SSR / MIL-10SSR series

L2/L3 Secure Switch Router

Overview

The MIL-SSR and MIL-10SSR series are military-certified secure routers that take full advantage of SOC-E’s advanced and well-known networking technology to ensure secure, reliable and high-available communications in the most demanding battlefield environments for land, air and sea platforms.

The switching electronics are implemented in a high-performance FPGA, allowing the devices to be fully customized to each customer’s specific requirements. This MOTS approach, based on a field-proven COTS solution to minimize project risk, results in a SWaP interoperable all-in-one device, that combines advanced routing, firewall and VPN capabilities, with time server and edge computing features in a single hardware platform.

With fully customisable external network connectivity and a lightweight and compact MIL-STD-810G certified chassis, the MIL-SSR/MIL-10SSR series can adapt to almost any situation and meet the requirements of the harshest military programmes.

Key Features

  1. Up to 26 configurable Ethernet 10/100/1000-BaseT and 1GbE/10GbE Fibre Optic ports
  2. Full in-house design (including networking and synchronization IP Cores) based on a reconfigurable MPSoC platform with edge computing capabilities
  3. Firewall and VPN capabilities, combined with advanced security means including IEEE 802.1X and MACsec, among others
  4. Optional “Zero-Packet Loss” redundancy based on HSR/PRP protocols for high-availability communications
  5. Optional Grand Master and Clock bridging capabilities with accurate time distribution via IEEE 1588 (PTP)
  6. Simplified management and monitoring via a user-friendly HTTPS web interface or a flexible console port
  7. Sealed military grade and compact enclosure with MIL-STD-704/MIL-STD-1275E power supply

Technical Specifications

  • Communication Interfaces

    • Up to 22x 10/100/1000BaseT Copper Ethernet ports
    • Up to 6x 1GbE/10GbE Fibre Optic Ethernet ports
    • 1x 10/100/1000BaseT Ethernet Service port
    • 1x PPS output (Miscellaneous connector)
    • 1x optional IRIG-B output (Miscellaneous connector)
    • 1x RS-232 serial line (Miscellaneous connector)
    • 2x General purpose input/output pins or PPS/IRIG-B input (Miscellaneous connector)
  • Layer 2 Features

    • IEEE 802.3-2008 (Ethernet)
    • Automatic MAC address learning and aging
    • Static MAC Table
    • Port-Based Virtual LANs (VLANs):
      • Logical segmentation of network for optimal use of bandwidth
      • IEEE 802.1Q for VLAN tagging (up to 4K VLAN groups)
      • IEEE 802.1p for Class of Service (CoS) / Quality of Service (QoS)
    • IEEE 802.1AB for Link Layer Discovery Protocol (LLDP)
    • Port rate limiting
    • Storm control for flooded broadcast, multicast and unicast
    • Layer 2 multicast filtering
    • IGMP Snooping (up to 1024 multicast filters)
    • Flexible Link Aggregation (up to 4 groups with 8 members each) (Expected 2025)
  • Redundancy

    • Spanning Tree Protocol:
      • IEEE 802.1D (STP)
      • IEEE 802.1w (RSTP)
      • IEEE 802.1s (MSTP)
    • Zero-Recovery Time redundancy (optional):
      • High-availability Seamless Redundancy (HSR) – IEC 62439-3 Clause 5
      • Parallel Redundancy Protocol (PRP) – IEC 62439-3 Clause 4
  • Layer 3 Features

    • IPv4/IPv6 unicast and multicast routing
    • Static routing
    • Dynamic routing:
      • OSPFv2, OSPFv3
      • RIPv1, RIPv2, RIPng
      • BGPv4
      • EIGRP
      • PIM-SM (IPv4 and IPv6)
    • Virtual Router Redundancy Protocol (VRRP)
    • DSCP ToS / QoS (optional)
    • Source/Destination NAT (optional)
  • Security

    • IEEE 802.1X for port-based network access control
    • MAC port binding & authentication for login security
    • RADIUS authentication
    • LDAP (Lightweight Directory Access Protocol)
    • RBAC (Role Based Access Control)
    • Selective ports disabling capability
    • Unsecure protocols disabling capability
    • Per port ingress and egress port mirroring including 10G mirroring
    • Mirroring per VLAN and per content awareness match
    • HTTPS for web interface
    • Secure Shell (SSH) Protocol v2 for command line interface
    • TPM 2.0 IC for identity authentication
    • Encryption/authentication & signature for firmware and bitstream
    • Secure-boot capability
    • IEEE 802.1AE – MACsec (Media Access Control Security) support
    • Custom ACLs (optional)
    • Virtual Private Network (VPN):
      • Site to site and remote VPN support
      • IPsec VPN tunnels
      • L2TP VPN tunnels
      • PPTP VPN tunnels
      • Gretap VPN tunnels
      • SSL-based OpenVPN (optional)
      • IPsec aggregate performance: 75 Mbps / 250 Mbps (optional) with AES256-SHA256, 1500 bytes packet size.
    • Stateful inspection firewall:
      • Firewall performance: 600Mbps (with std. configuration)
      • Unlimited concurrent connections
      • IPv6 firewalling (optional)
      • Stateful failover (optional)
    • Other optional security features:
      • Intrusion Prevention System / Intrusion Detection System
      • Antivirus Scanning
      • DoS Protection
      • Botnet blocking (IP reputation)
      • Web content filtering
      • Application visibility and control
    • Certifications:
      • Tempest Level B rated
      • LINCE (Common Criteria based) certification

    Not all the features may be supported in all the product models.

  • Gateway

    • Edge-computing capabilities for user defined applications
    • Support for DDS standard and MQTT protocol in KVM Virtual Machine for user application
    • Optional CAN 2.0 integrated ports
    • Optional RS-232/RS-422/RS-485 buses with Modbus/Serial console
  • Synchronization

    • IEEE 1588-2008 v2 (PTPv2)
    • IEEE 1588 Stateless Transparent Clock (TC)
    • IEEE 1588 Ordinary Clock (Master-Slave)
    • Time Bridge operation: NTP <->PTP
    • NTP (Server/Client)
    • Optional IRIG-B – Time Code Formats (distributed as DCLS pulse-width coded signal)
    • Optional time server and time bridging capabilities
  • Configuration & Management

    • HTTPS web interface
    • SSHv2 command line interface (CLI)
    • SNMP V1/V2c/V3 protocol support
    • SNMP V3 encrypted authentication and access security
    • SNMP over TLS support (optional)
    • Netconf protocol support (optional)/span>
    • Encrypted and digitally signed firmware/bitstream upgrades
    • Saving and restoring configuration
    • Graphic representation of Network status (only in HSR/PRP networks)
    • Statistics independent per port
    • Internal status monitoring and logging
    • Event notification through Syslog
    • DHCP/DHCPv6 server and relay (optional)
    • Built-in-Test capability including:
      • PBIT (Power-on BIT)
      • CBIT (Continuous BIT)
      • IBIT (Initiated BIT)
    • In-band management via any Ethernet switch port or out-of-band via Ethernet (service port)
    • RS-232 serial console
  • Processing

    • Xilinx Ultrascale+ MPSoC device:
      • 4x 64bit CPU ARM-Cortex-A53
      • 2x 32bit CPU ARM-Cortex-R5F
      • 1x GPU ARM-Mali 400MHz
      • 1x 16nm UltraScale+ FPGA
    • Up to 4GB DDR4 RAM memory
    • 32GB eMMC Flash memory
    • 512Mb QSPI Flash memory
  • Physical & Electrical Characteristics

    • Military certified fanless rugged design
    • Dimensions (mm): 220(W) | 155(D) | 98(H)
    • Weight: 3kg (combination of metalwork, PSU and payload)
    • Power Input: 28VDC*
    • Power consumption: 20-35W
    • Copper, Fibre Optic, Power supply and Miscellaneous port with RS-232/PPS/IRIG-B (optional) capability via D38999 connector
    • Service port via RJ45 or D38999 connector

    Other PSU available under demand. Contact your sales representative for more information.

  • MTBF

    • 200,000 hours GB@25
    • MTTR = 0.5 hour
  • Warranty

    • 2 years
  • Export Control

    • ITAR Free
  • Certifications

    • MIL-STD-461: CE101, CE102, CS101, CS114, CS115, CS116, RE101, RE102, RS101, RS103
    • MIL-STD-810: Methods: 500.5, 501.5, 502.5, 504.1, 506.5, 507.4, 508.6, 509.5, 513.6, 514.6, 516.6
    • RTCA DO-160: Section 22
    • MIL-STD-704F, MIL-STD-1275E
    • ESD EN61000-4-2
    • MIL-DTL-38999, MIL-STD-1474D, IP66

    A qualification campaign is currently underway to incorporate new standards and tests.

      For more information, please contact your sales representative.

      Downloads

      BR_MIL_SSR-MIL_10SSR-w
      pdf