The following lists technical specifications of the Identity Authority Manager (IdAM).

General Information

Product Type Description

Identity Authority Manager – Industrial

Software Version

V1.0.0

Hardware Version

V1.1

Hardware Specification

Processor Type

Xeon E3-1505L v5 (4C/8T, 2.0 (2.8) GHz, 8 MB Cache, iAMT)

SSD

240 GB solid-state drive SATA

Memory

DDR4-2400, SO-DIMM, 16 GB

Slots

1x PCIe (x4), with card retainer

Interfaces

3x Ethernet (RJ45) (100 Mbps, 1 Gbps)
4x USB 3.0 (PKL-INDU-APP-LRP-TA-SW)
3x USB 3.0 (PKL-INDU-APP-LRP-TA-HW)

Monitoring

Temperature
Watchdog
Status LEDs
Monitoring via Network

IP Degree of Protection

IP20

Operating Temperature

Dependent on installation. With one expansion card (with max. load 12W) in Restricted Access Location (RAL): +5°C to +35°C (+41°F to +95°F)

Storage / Transport Temperature

Min: -40°C (-40°F)
Max: +70°C (+158°F)

Installation Type / Mounting

Mounting

DIN rail, wall mounting, portrait mounting

Design

Box PC, built-in unit

Supply Voltage

Type of Supply Voltage

24 V DC

Mains Buffering

20 ms

Delivery Information

Export Control Regulation

AL: N; ECCN N (inside US ECCSN: 5A991)

Commodity Code

85176200

Country of Origin (COO)

Germany

Device Adapter

Interface Type

Custom

Physics

Ethernet, USB 3.0

Segregated Network

Yes

Number of Ports

1

Security

Optional: Configurable TLS connection (via Ethernet)

Integration

Python-based integration framework to transfer incoming messages into the IdAM standard message format

Virtual Machine Support

Optional (in planning)

Trust Service Adapter

Interface Type

CMP version 2

Physics

Ethernet

Segregated Network

Yes

Number of Ports

1

Security

Optional: Configurable TLS connection

Sequence Controller

Interface

Browser-based administration

Physics

Ethernet

Segregated Network

Yes

Number of Ports

1

Security

Optional: Configurable TLS connection

CA Management

Built-in CA Management to configure CA Service Interface.

Signer: Support for PKCS#12 token.

Access Control

Role-Based Access Control, based on username and password.

Rule Engine

Framework for building event-based workflows. Support of Messages, Rule-Nodes, Rule Chain.

Node classes: Filter Nodes, Enrichment Nodes, Transformation Nodes, Action Nodes, Custom Nodes.

Dashboard

Freely configurable; access via browser

Alarm Management

Via email alert

Security Functions

Secure Storage

Optional. Available with or without built-in Hardware Security Module (HSM).

Algorithm

Software
AES, Triple DES, DES (ECB, CBC, OFB, CFB, CCM, GCM, OCB)
RSA, DSA
Elliptic curve (NIST; ECC, Brainpool, ECDSA, ECDH)
MD5, SHA-1, SHA-2, SHA-3, RIPEMD-160

Hardware
RSA, ECC, AES
SHA-1, SHA-256, SHA-384, SHA-512

Key-length and curve support

Software 
RSA 1024-4096 Bit, ECC 192-521 Bit, AES 128-512 Bit
SECG / NIST P-192, P-256, P-384, P-521 (secp192r1/prime192v1, secp256r1/prime256v1, secp521r1/prime521v1); RFC 5639: brainpoolP192r1, brainpoolP224r1, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r

Hardware 
RSA 1024-4096 Bit, ECC 192-521 Bit, AES 128-256 Bit
SECG / NIST P-192, P-256, P-384, P-521 (secp192r1/prime192v1, secp256r1/prime256v1, secp521r1/prime521v1); RFC 5639: brainpoolP192r1, brainpoolP224r1, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r

Capacity

Software
200 x ECC-521 Keys, 350 x ECC/AES-256 Keys, max. 40 x RSA-4096 Keys, max. 80 x RSA-2048 Keys

Hardware
150 x ECC-521 Keys, max. 300 x ECC/AES-256 Keys, max. 19 x RSA-4096 Keys, max. 38 x RSA-2048 Keys

Certificate Management

CMP version 2.
Supported message types:
Ir[0] CertReqMessages, Initialization Request
Ip[1] CertReqMessages, Initialization Response
(with implicit confirm flag set; PoP (Proof of Possession); 'RAVerified' only)

General Functions

Backup / Restore

Integrated backup/restore concept

Logging

Central log file via system log (syslog)

Hardware Interface

The following provides an overview of the hardware interface.

  1. On/Off switch
  2. 24V DC power supply connection
  3. Protective conductor
  4. Device Adapter Interface (RJ45)
  5. Sequence Controller (RJ45)
  6. Trust Service Adapter (RJ45)