Time Tested Cybersecurity

Blue Ridge Networks BorderGuard solution is built on a decade and a half of offering the best combination of security, performance, reliability, and price in the industry.

BG6000
              BorderGuard 6600 Appliance

BorderGuard systems have been deployed around the world in support of the most demanding secure communications applications without a known security breach. In addition to proven security, BorderGuard protection is known for reliability - enhanced by total path redundancy and automatic failover for peace of mind.

BorderGuard System Features

         
  • Layer-2 Session Isolation
  •      
  • Pre-place Public Key (PPPK) Two-Factor Authentication
  • DoD PKI / Standards Based Authentication - X.509, OCSP, CRL
  • Hardware Accelerated AES Encryption
  • Extended RSA Keys - 2048 and 4096
  • Built -in PKI
  • IEEE 802.1Q VLAN Support
  • Interoperable with DoD JITC PKI
  • Communications Media and Protocol Agnostic – supports wire, wireless, satellite
  • HSPD-12 Compliant
  • PKCS#11 Smart-Card Compatible
  • Red List Revocation Capability
  • Supports Green List Custom Groups
  • Dynamic Updates to End-Point Security Policies
  • Supports EdgeGuard Remote Access Solutions
  • Securely Connects BorderGuard RemoteLinks at Remote Offices and Mobile Sites
  • Central Management using BorderGuard Management Console

High Assurance Security

BorderGuard forwards only packets from external connections to inside ports that have been cryptographically authenticated. Conversely, the only packets that leave a BorderGuard are those that are encrypted and sent to an authenticated destination. BorderGuard does not respond to unauthenticated sources.

Strong two-factor authentication scales to meet the escalating needs of the organization and offers a higher level of security than password-only systems while maintaining user convenience. Each BorderGuard has a unique RSA public key digital certificate-based identity, and must mutually authenticate using these certificates. Session authentication using passwords or a “shared secret” is not secure and, therefore, not supported by BorderGuard. Our method of mandatory, mutual authentication eliminates the possibility of an attacker entering network sessions via identity spoofing or a man-in-the-middle attack.

Over the years, BorderGuard systems have earned numerous certifications and equipment validations, including JITC, TIC, Common Criteria, FIPS 140-2, HIPAA, and DoD SPOCK for use in highly controlled environments.

Interoperable and Flexible

The versatile BorderGuard includes its own built-in PKI, but it can also leverage your existing public key infrastructure (PKI), including X.509 certificate authorities as well as OCSP and CRL checking. Administrators are relieved of the tedious task of manually configuring certificate authority hierarchies by the BorderGuard system’s automatic certificate path discovery and path validation mechanisms.

Supporting geographically and technologically diverse organizations has never been easier. BorderGuard systems are ready to deploy with minimal setup tasks, and multiple systems can be grouped to support load spreading options as well as fault tolerant configurations. The fault tolerant options allow BorderGuard to support a variety of geographically separated solutions for high availability and business continuity.

To meet the rising demand for wireless devices, Blue Ridge has extended its proven security architecture to all of its remote access offerings allowing seamless roaming that maintains tunnel connectivity across any communications media (wired, wireless, satellite, etc) and is protocol agnostic.

Different Models for Different Needs and Budgets

BorderGuard Model Site to Site Remote Access Two Factor Authentication Ethernet Ports Maximum AES256 Throughput (Mbps) Maximum Concurrent Tunnels Maximum RSA Key
6100
2x 10/100 20 150 2048
6200 3x 10/100 45 300 2048
6400 3x 10/100 100 600 2048
6500 1x 10/100
2x 10/100/1000
200 1000 4096
6600 1x 10/100
2x 10/100/1000
400 1500 4096


BorderGuard 6000 Specifications

The BorderGuard includes AES and Triple-DES encryption algorithms as well as HMAC SHA-1 and SHA-256 algorithms for data integrity. Its approach to public key cryptography applies RSA keys (512, 1024, 2048 and 4096) and Diffie-Hellman key exchange. BorderGuard appliances are 1U rack mountable devices weighing 8.2 pounds and having the following dimensions: height 1.74 inches, width 17.0 inches, and depth 12.0 inches. The appliances function with 100-120 VAC / 200-240 VAC, 50 / 60 Hz and 2 amps maximum within an environment of 41 to 113 degrees Fahrenheit, 10% to 90% humidity (non-condensing) and at an altitude of -150 to 10,000 feet.

Easy to Manage

The BorderGuard Management Console (MC) is a pre-configured appliance that drops into your network, centrally and securely managing all site-to-site and remote access connections. The MC’s easy to use browser-based interface supports role based administration, provisioning options and collection of audit logs. The comprehensive audit facility collects log data across all deployed systems to support live data review as well as off-line trends analysis, resource modeling and report generation. In addition, step-by-step wizards are available as administrator training tools.


Download BorderGuard Data Sheet for BorderGuard 5000: Download BG5000 Data Sheet

Download BorderGuard Data Sheet for BorderGuard 6000: Download BG6000 Data Sheet


Remotely connect to a BorderGuard site with BorderGuard RL.

Contact a Blue Ridge Networks cybersecurity professional to learn more about how we can help address your IT security needs.