American-designed and -manufactured cyber
security-ready system isolates SIPRNet/NIPRNet domains or separates
Red/Black boundaries, replacing twelve
systems with just one 1.75-inches high by 19-inches deep
box.
General Micro Systems, Inc. (GMS) today announced the S1U401-MD
“Cyclone,” a 1U rackmount, multi-domain server and multi-port
Ethernet switch/router based on the Intel® Xeon® E5 server CPU.
Designed for lowest price, space efficiency and ultimate
battlefield network security, the product is a rugged packaging
marvel.
Each of the two isolated domains (Red/Black) in S1U401-MD boasts
six times the functionality of traditional imported
motherboard-based blade-servers—making the 1U Cyclone a twelve-time
improvement over traditional systems. Equally important is the 100
percent USA design and manufacturing, removing risk and doubt about
foreign-sourced server motherboards.
Isolating Red and Black network domains to ensure security or
designing for redundancy is normally accomplished by at least two
chassis: one full depth box for each Red and each Black network
domain. S1U401-MD adds more, however: 1) two physically separate
servers with extreme speed PCIe Gen 3 backbones; 2) two separate
Ethernet multi-port switches with 1/10/40 Gigabit Ethernet (GbE)
ports on separate secure subnets; 3) two separate optional routers;
4) eight encrypted RAID-ready removable Gen 3 speed NAS drives; 5)
two add-in PCIe expansion slots for encryption or GPGPU processing;
and 6) up to eight add-in sites for military I/O such as
MIL-STD-1553 or CANbus.
The S1U401-MD’s six functions per domain are ideal for the
Army’s multi-domain battlefield and command networks; for the
Navy’s and Marines’ shipboard op centers and command/control; and
for the Air Force’s airborne C4ISR platforms because Cyclone is
available in rugged 110/220 VAC or 28 VDC voltage versions.
“This incredible multi-domain product is the result of nearly 40
years’ experience in designing ultra-compact computer boards and
systems,” said Ben Sharfi, CEO, General Micro Systems. “Only GMS
could do a 6:1 space reduction per domain in a 1U high chassis
while pricing it for less than others can provide for the server
function alone.” Of course, S1U401-MD doesn’t compromise on
security or ruggedness. “Cyclone’s density is unheard of, which is
why we designed our own motherboard that’s one-quarter the size of
something from Supermicro,” Sharfi said. “No one else could
accomplish all this security, functionality, performance and
ruggedness in only 1U.”
CPU/RAM/Power
Each S1U401-MD has two domains—one for Red networking and one
for Black networking. Each domain has up to an 18-core Intel Xeon
E5 server-class CPU and can be powered via 110/220 VAC or 28VDC per
MIL-STD-1275. Each domain’s CPU can support 36 virtual machines, or
a whopping 72 VMs for the entire S1U401-MD system in 1U space.
There is up to 512 GB of error-correcting DDR4 at 2133MTS per CPU
domain—enough memory for complex database operations, routing
tables, or enterprise-class processing on the rugged battlefield.
Cyclone utilizes all the processor’s available 40x PCIe Gen 3 lanes
at 8 Gbits/s to communicate with the drives, networking and I/O in
each domain.
Storage
Cyclone has four front panel removable drives per domain (eight
total drives), and each SAS/SATA/NVMe drive is accessed at the
industry’s fastest Gen 3 speeds via SATA III, SAS-3 or PCIe Gen 3.
Drives can be encrypted for ultimate security, and they function as
network-attached storage (NAS). At 12 TB/drive, S1U401-MD has an
impressive 96 TB of total storage. Cyclone supports RAID 0, 1, 5,
10, and 50 via software or the onboard encrypting hardware RAID
controller. On-the-fly encryption to/from the drives is unique and
essential for secure Red/Black networks. Low latency NVMe drives
use PCIe Gen 3 and can be 50 percent faster due to the direct
CPU-to-drive PCIe connection, making Cyclone an ideal
server/NAS/router or battlefield SIGINT data recorder.
Multi-Domain Networking
Each of the two high-assurance isolated domains (Red/Black)
shares no resources, not even the power supply, and starts with one
1GbE and two 10GbE ports for lowest cost. A fully equipped system
adds (per domain) two 40GbE fiber ports and twelve additional
secure 1GbE ports, each with their own subnet mask—giving the
entire S1U401-MD a total of 26x 1GbE, 4x 10GbE and 4x 40GbE ports.
This security architecture is unique and provides each LAN port its
own subnet mask to avoid data crossover between the ports except at
the CPU itself. Enterprise-class software routers from Cisco®
(1000V™ Series Cloud Services Router (CSR)) and Juniper® are
available. Each domain supports power-over-Ethernet (POE+),
supplying up to 150 W (total) to directly power remote nodes such
as sensors and to simplify wiring.
Other I/O
Additional standard I/O for each domain includes four USB 3.0
ports, one 1GbE Ethernet, and a DVI-I port for a user console
interface. S1U401-MD can also interface to legacy defense systems
as well as communicate with all manner of sensors by adding I/O
such as MIL-STD-1553, CANbus, or Serial Ports, using two SAM I/O™
(PCIe-Mini) sites. There is also a PCIe add-in slot that can accept
any industry-standard low-profile PCIe Gen 3 card such as GPU,
GPGPU or hardware RAID controller. S1U401-MD’s architecture is U.S.
Army VICTORY conformant.
Besides the Red/Black separation, a zeroize function
(“panic”-initiated) is available to securely erase all non-volatile
storage in each domain—a non-trivial feature designed to avoid a
repeat of the US/China Hainan Island incident. As well, GMS owns
the BIOS, which offers users assurance against malware and
rootkits, plus allows modification for special security functions
such as Anti-Tamper/Intruder Alert. There’s a TPM 2.0 for root of
trust and to verify crypto keys. An optional BMC Management Module
provides out-of-band management via LAN.
Application Examples
As cyber-security threats grow, the Department of Defense and
service branches are hardening worldwide networks by separating
secure from insecure through Red/Black isolation and Multiple
Independent Levels of Security (MILS). With a Red side and a Black
side, S1U401-MD’s low weight and small size make it deployable on
many ground, air, and shipboard platforms. S1U401-MD is also ideal
for enterprise/cloud data centers or server rooms where the 12:1
size/weight/power reduction is a smart upgrade by combining all the
server/switch/router/NAS/Input-Output into one domain, and by
combining two domains into only a 1U shelf. Two S1U401-MD boxes can
even be mounted back-to-back in a deep 1U shelf.
- For more information regarding GMS
products, please visit: www.gms4sbc.com
- Additional S1U401-MD press materials
can be found
at: http://www.gms4sbc.com/press/S1U401-MD/S1U401-MD_datasheet
- High resolution product photos
available at: http://www.gms4sbc.com/press/S1U401-MD/
- Reader Service Contact: Jonathan
Malaney 772-266-4015 ext. 402, jmalaney@gmseast.com
GMS will showcase the new system at the Association of the
United States Army (AUSA) annual meeting in Washington D.C., Oct.
9–11, 2017.
Come see us at AUSA booth #7249 upstairs in Halls D and E.
About General Micro Systems:
General Micro Systems (GMS) is the industry expert in
highest-density, modular, compute-intensive, and rugged small
form-factor embedded computing systems, servers, and switches.
These powerful systems are ideal for demanding C4ISR defense,
aerospace, medical, industrial, and energy exploration
applications. GMS is an IEC, AS9100, NIST-800-171, and MIL-SPEC
supplier with infrastructure and operations for long-life,
spec-controlled, and configuration-managed programs. Designed from
the ground up to provide the highest performance and functionality
in the harshest environments on the planet, the company’s highly
customizable products include GMS RuggedDNA™ with patented
RuggedCool™ cooling technology. GMS is also the leader in
deployable high-end Intel® processors and a proud Intel®
partner since 1986. For more information,
visit www.gms4sbc.com
View source
version on businesswire.com: http://www.businesswire.com/news/home/20171009005337/en/
Hughes Communications, Inc.Kelly Wanlass,
801-602-4723kelly@hughescom.netorGeneral Micro SystemsChris Ciufo,
360-921-7556cciufo@gms4sbc.com