GE NETernity GBX463 Quick start guide

Brand: GE

Model: NETernity GBX463

Type: Quick start guide

GE NETernity GBX463 is a high-performance, Layer 3 Gigabit Ethernet switch designed for military and industrial applications. It provides a robust and reliable networking solution for harsh environments, offering advanced features such as:

Layer 3 routing capabilities, including static and dynamic routing protocols (RIP, OSPF, BGP)
Comprehensive security features, including firewall, intrusion prevention system (IPS), and access control lists (ACLs)
High availability features, including redundant power supplies and hot-swappable components
Advanced traffic management capabilities, including quality of service (QoS) and traffic shaping

Layer 3 routing capabilities, including static and dynamic routing protocols (RIP, OSPF, BGP)
Comprehensive security features, including firewall, intrusion prevention system (IPS), and access control lists (ACLs)
High availability features, including redundant power supplies and hot-swappable components
Advanced traffic management capabilities, including quality of service (QoS) and traffic shaping

Intelligent Platforms

Military

Communications

You can have peace of mind that comes from working with a

proven supplier.

GE Intelligent Platforms is a global leader in

the design and manufacture of communi-

cations electronics and subsystems for the

military, telecommunications and industrial

markets. With a strong presence in all three

markets, we leverage a unique portfolio of

products and depth of expertise in delivering

communications solutions for our global

defense, aerospace and security customers.

GE offers a range of military-rugged and

commercial communications solutions

including:

• Routersandswitches

• Packetprocessingsubsystemsforencryp-

tion, compression and traffic shaping

• Cybertoolsforintrusiondetection

and prevention

• Firewalls

• CommunicationsInterfaces

Our research and development operations

help to ensure that your solutions remain at

the leading edge of communications tech-

nology. Whether it is the delivery of raw

bandwidth through 10 and 40 Gig Ethernet,

or the application of MANET protocols

for the airborne networking layer or even

the firewalls used to protect battlefield

networks, we continue to expand what is

possible in communications technologies.

The company is approved to ISO 9001:2000

and AS/EN 9100 for design and manufac-

ture, and is committed to long-term support

of your application. A full Product Lifecycle

Management package that in some cases

has kept programs running for more than

20 years is available for all products.

Enabling and securing the

connected warfighter

MILITARY COMMUNICATIONS

High-performance, secure communications electronics are

at the core of the network-enabled battlefield.

Leading-edge networking

communications solutions

Military operations worldwide

have become increasingly

reliant on the secure communi-

cation of voice, video and data.

Whether it is a UAV transmit-

ting high-definition video for

accurate target tracking or

cloud services delivered over

cellular links to a dismounted

warfighter, advanced commu-

nications technologies can

enable information superiority

and protect a fighting force.

DEFENSE.GE-IP.COM/MIL-COMM

Routing in the Airborne Layer (Air)

Airborne assets such as fighter jets, UAVs,

airships and wide-body aircraft have

become network nodes in a wide-reaching

airborne IP network. These networks are

particularly challenging to deploy and

manage due to their dynamic, sometimes

bandwidth-limitednature.Routerssuch

asGE’sRTR8GEoffermeshnetworking

features and radio-aware routing protocols

to help build the airborne networking layer.

Video Communications

Encryption/Compression (Air)

Streaming video collected by UAVs and

transmitted to forward command centers

canprovidevaluableISRdata.Thecommu-

nications links for this data be encrypted

and compressed. This takes tremendous

processing power. GE’s CPC500 can employ

64 cores as a high-performance crypto and

compression engine in a small, rugged and

low-power package.

Switching Application

Vehicular Networks

Military vehicles are loaded with sensors

and electronics systems. Video and data

streams, target tracking information, vehicle

diagnostics, weapons systems, threat

and chemical detection are just some of

the platforms all connected to a common

Ethernet backbone. GE’s GBX460 rugged

switch provides a robust, manageable 10

GigE interconnect for such applications.

Intrusion Prevention

Firewalls/IA

A network centric battlefield is dynamic

and complex. As these networks grow to

accommodate more sensors and network

nodes, cyber security becomes a major

concern.GE’sRTR8GEruggedbattlefield

router includes a hardware-assisted

stateful firewall and intrusion detection

system to protect against cyber-attack.

The product also features advanced

anti-tamper and information assurance

features to protect data at the halt.

Ruggedbattlefield

networking

Providing secure communications to networked

warfighters

Today’s battlefield, not unlike today’s

commercial business environment, is an

information war zone. As forces seek to gain

a competitive edge through information

dominance, a high-speed, highly available

and secure network becomes critical to

even the basic operations of war. Almost all

modern battlefield assets are connected to a

high-speed IP network with routers, switches

and packet processors at their core.

An insatiable demand for bandwidth is

driving network innovation in delivering

voice, video, and data services in the

commercial world. Military forces are

seeking to leverage these commercial

innovations, but they have additional

requirements and greater challenges to

overcome for battlefield deployments:

RoutingforDynamic

Battlefield Environments

The Internet is based on a static network

configuration. The routers, switches and

network nodes are confined to a datacenter

in a single geographic location and are

usually connected to reliable, high-speed

links. Commercial routers are designed to

operate in this static configuration.

Contrast this to a battlefield network where

network nodes are constantly moving

over dispersed geographic locations, and

network nodes may drop due to enemy

attack or due to unreliable radio links that

suddenly decline in bandwidth. Standard

routing protocols such as the Border

Gateway Protocol (BGP) or open shortest

pathfirst(OSPF)fallshortinsuchbattle-

field networks.

Routersdesignedspecificallyforbattlefield

deployment address the dynamic nature of

the network by implementing specialized

protocolandmanagementfeatures.For

example,GE’sRTR8GEBattlefieldRouter

features radio-aware protocols and quality

of service (QOS) mechanisms that enable

it to monitor and measure radio hop effi-

ciency and effective available bandwidth.

This enables the router to intelligently

direct traffic across the most effective hop

sequence, and when necessary to regulate

traffic flow for QOS.

Cyber Threat Avoidance

andResilience

Any IP-based edge network node is vulner-

able to denial of service attack, unwanted

network access or network sabotage.

Various security-focused tools like firewalls,

network monitoring and intrusion detection

systems are deployed to protect IP networks.

New battlefield routers such as GE’s

RTR8GEhavebeendesignedfromthe

ground up with advanced hardware-

assisted security features:

Firewall

• Bruteforceattackmitigation

• DoSandDDOSprotection

• TCPreassemblyforfragmentedpacket

protection

• Networkattackdetection

• SYNcookieprotection

• Malformedpacketprotection

• Zone-basedIPspoofing

Intrusion Prevention System (IPS)

• Protocolanomalydetection

• Statefulprotocolsignatures

• IPSattackpatternobfuscation

• Customersignaturescreation

• Frequencyofupdates

(daily and emergency)

Information Assurance

and Anti-tamper

Advanced security software and protocols

are designed to protect data as it enters

a network or transfers between network

nodes.Designersofbattlefieldroutersmust

also recognize the potential threat of a foe

physically accessing the router hardware

and accessing critical data stored in it. This

so-called data-at-rest could include infor-

mation about network topology, encryption

schemes, passwords or even snippets of

the network traffic itself. In some instances

an attacker may attempt to insert data, or

malicious code such as a virus or backdoor

access with a Trojan horse.

MILITARY COMMUNICATIONS

TheGERTR8GEbattlefieldrouterincludes

support for memory sanitization through

non-volatilememoryread-only(NVMRO).

This capability ensures that all confidential

information is removed from memory when

therouterisrebooted.NVMROalsophysi-

callylocksNANDsystemstorage,NORboot

flash,andallEEPROMS.

Finally,asanaddedsecuritymeasure,the

internalelectronicsoftheRTR8GEbattle-

field router features physical anti-tamper

mechanisms to alert of an intruder’s

attempt to physically tamper with the

router’s internal electronics.

Ethernet Ubiquity

With the adoption of Network-based

operations, proprietary communica-

tions protocols and equipment have been

replaced by Ethernet and Ethernet switches.

Battlefield system architects require a wide

range of Ethernet switch connectivity options.

Port densities commonly range from one

or two ports to 24 with options for copper

orfiberconnectivity.Datatransportfrom

environmental sensors within a vehicle may

only require 10/100 Ethernet connectivity,

while high-definition video often requires 10

and even 40 GigE connectivity. Some appli-

cations require only simple transport and

static configurations and can therefore be

implemented using a simple, low-cost non-

managed switch. Many others require traffic

management for dynamic network environ-

ments and therefore a switch with advanced

management capabilities is required.

GE offers one of the broadest Ethernet

switch product offerings available on the

military market. Products such as the cost

optimizedNETernityRM981RCofferGigabit

Ethernet connectivity with 12 or 24 ports.

The NETernity GBX460 offers an amazing

20 or 24 ports of 10 GigE with advanced

management capabilities and GE even

offers a switch with up to 15 40 GigE ports

for very bandwidth-hungry applications

Interoperability,Flexibility

and Management

Ethernet everywhere is the stated goal, but

is not necessarily the reality today. There

will always be some sensor or device that

does not connect over Ethernet. In addition,

complications may arise in joint or multi-

national operations where different tactical

battlefield networks must communicate.

Military network assets must be flexible and

or customizable to provide connectivity

in such complex environments where

network management becomes a

major challenge.

GE introduced the OpenWare flexible

network protocol and management suite

to address these challenges. OpenWare

is GNU/Linux-based firmware that brings

together the best of Open Source and

proprietary switch control, routing and

protocol implementations. The flexible

OpenWare environment allows customiza-

tion for specific requirements. Because

OpenWare is completely designed and

owned by GE, we can customize it to meet

specific customer requirements.

DEFENSE.GE-IP.COM/MIL-COMM

MILITARY COMMUNICATIONS

fire control computer

mission computer

driver display

vehicle diagnostics

voip processor

360 situational awareness cams

commander display

satcom station

data radio

win-t isr radio

active protection system

dvr

turret display

sensor array

Redefiningbattlefield

vetronics

Product Type

Common

Use Cases

Networking Security Management

Example

Application

Battlefield Network Gateway

Multi-Network,

DynamicNetwork

Infrastructure,

RemoteManage-

ment, WAN

interface,Firewall,

IPS/IDS,Classi-

fied/Unclassified

traffic, High port

density, advanced

encryption

NAT,Radio-aware

routing(RFC4938,

Credit Based

RadioRouter

Protocol exten-

sions to PPPoE,

R2P),VLAN,

Advanced QOS,

Link Aggrega-

tion, Mirroring,

Port Config,

RateLimiting,

Multicast, MSTP,

VRRP,FOG,RIP,

OSPF,BGP,IPv6

Tunneling,Diff-

Serv

AdvancedDoS,

DDoS,Frag-

mented Packet,

BruteForce,SYN

cookie,Zone-

based IP spoofing,

Malformed

Packet, Protocol

Anomoly detec-

tion, stateful

protocol signa-

tures, IPS attack

pattern obfusca-

tion, Customer

signatures,

CCEAL4,FIPS

140-2 L2, HAIPE

DHCP(Client,

Server,Relay),

SNMP, Config

Profiles, Out of

band, In-band,

CLI (Telnet, SSH,

Console), Web

Interface, API,

SOA

Ground Vehicle

Networks

(VICTORY)w.

ReachForward/

Back WAN

Battlefield Router/Firewall

Multi-Network,

DynamicNetwork

Infrastructure,

RemoteManage-

ment, WAN

interface,Firewall,

IPS/IDS,Classi-

fied/Unclassified

traffic

NAT,Radio-aware

routing(RFC4938,

Credit Based

RadioRouter

Protocol exten-

sions to PPPoE,

R2P),VLAN,

Advanced QOS,

Link Aggrega-

tion, Mirroring,

Port Config,

RateLimiting,

Multicast, MSTP,

VRRP,FOG,RIP,

OSPF,BGP,IPv6

Tunneling,Diff-

Serv

AdvancedDoS,

DDoS,Frag-

mented Packet,

BruteForce,SYN

cookie,Zone-

based IP spoofing,

Malformed

Packet, Protocol

Anomoly detec-

tion, stateful

protocol signa-

tures, IPS attack

pattern obfusca-

tion, Customer

signatures,

CCEAL4,FIPS

140-2 L2

DHCP(Client,

Server,Relay),

SNMP, Config

Profiles, Out of

band, In-band,

CLI (Telnet, SSH,

Console), Web

Interface, API,

SOA

Airborne Network

Layer, UAV w.

Reachforward/

back WAN,

Ground Vehicle

Networks, Mobile

communications

Fully Managed

Layer 2/3 Switch

Multi-LAN,

DynamicNetwork

Infrastructure,

RemoteManage-

ment,Layer2/3

switching and

routing

VLAN, QOS,

Link Aggrega-

tion, Mirroring,

Port Config,

RateLimiting,

Multicast, MSTP,

VRRP,FOG,RIP,

OSPF,BGP,IPv6

Tunneling,Diff-

Serv

Storm Control,

Filtering,Basic

DoSprotection,

DHCPSnooping,

MAC Notification,

Port Security/

Authorization

DHCP(Client,

Server,Relay),

SNMP, Config

Profiles, Out of

band, In-band,

CLI (Telnet, SSH,

Console), Web

Interface

Vehicular System

or Shipboard

RadarDisplay

Networking,

Unmanaged Switch

Single LAN,

Simple data,

Static Network

Config, high port

density, latency-

sensitive traffic

Layer 2 switching N/A N/A System Back-

planes, High

Speed Sensor

interconnects

Networked Sensor Processor

Single LAN, Video

over Ethernet

Sensor Network

XAUIFullDuplex

Ethernet ports, 4

Lane PCI Express

ports, GigE vision

support GVCP,

GVSP

Hardware

assisted Encryp-

tion engines

Programmable

user interface,

standard LINUX

OS, Complete

GigE vision

camaera

management

UAVISRVideo

Processing

Network

Packet Processor/

Traffic Shaper

Multi-network,

bandwidth

constrained

environments,

Classified/Unclas-

sified traffic, Video

Sensor Traffic

High-speed

10gbps links,

optimized to

transport video

streams, Hard-

ware assisted

compression

Hardware

assisted Encryp-

tion engines

Programmable

user interface,

standard LINUX

OS, Complete

GigE vision

camaera

management

Airborne Perfor-

mance Enhancing

Proxies (PEP)

DEFENSE.GE-IP.COM/MIL-COMM

11.11GFA-1848

GE Intelligent Platforms Contact Information

Americas: 1 800 433 2682 or 1 434 978 5100

Global regional phone numbers are listed by location on our web site at www.ge-ip.com/contact

defense.ge-ip.com/mil-comm

All other brands or names are property of their respective holders.

GE NETernity GBX463 Quick start guide

Brand: GE

Model: NETernity GBX463

Type: Quick start guide

Layer 3 routing capabilities, including static and dynamic routing protocols (RIP, OSPF, BGP)
Comprehensive security features, including firewall, intrusion prevention system (IPS), and access control lists (ACLs)
High availability features, including redundant power supplies and hot-swappable components
Advanced traffic management capabilities, including quality of service (QoS) and traffic shaping

Download PDF

report

GE NETernity GBX463 Quick start guide

GE NETernity GBX463 Quick start guide

Related papers

Other documents