AMSEL Advanced Modular Secure Embedded Linux
AMSEL is a embedded Linux distribution for Firewall and IPSec-based VPN gateway applications. AMSEL comes on CD-ROM together
with a user manual and a reference platform board (DIL/NetPC ADNP/1520 Application Board MB/1520-100). AMSEL consists of five
basic modules: The basis forms a fully developed 2.4-Linux-Kernel with numerous basic network functions. There are different
packet filter functions for OSI Layer 2 and Layer 3 as well as IPSec-based VPN functions and an AMSEL Build Process (ABP)
available.
The AMSEL CD-ROM comes with some sample configurations for OSI Layer 2 (Data Link Layer) and OSI Layer 3 (Network Layer) Firewalls
as well as IPSec-based VPNs (Virtual Private Networks). AMSEL is 100% Open Source software. Running one AMSEL configuration on
different platfoms is possible without any licence fees.AMSEL is a co-operation project between .vantronix | secure systems
and SSV Embedded Systems. Please visit the AMSEL web site for more information.
AMSEL Kernel Key Features
AMSEL is build around a Linux kernel version 2.4 together with some security enhancements and patent-free real-time extensions. AMSEL
is bootable from (MTD) Flash, disk drives or over Ethernet-based networks.
|
- Security Enhancements (Stack-Smashing Protection)
|
- Patent-free Real-time Extensions with Adeos and RTAI
|
- Command Line Interface (CLI) for a Linux Serial Console
|
|
- Bootable from (MTD) Flash, Disk Drives or Ethernet-based Networks
|
- Root File System within RAM Disk or NFS-based
|
AMSEL Basic Network Functions Key Features
AMSEL comes with many build-in network functions. IPv4 and IPv6 protocol support, IP, TCP,
UDP, SCTP, SSH, PPP, HTTPS-based web server and OpenSSL are some examples.
- TCP/IP Stack with IPv4 and IPv6 Protocol Support
|
- Layer 2 and 3 with IP, TCP, UDP, SCTP (Stream Control Transmission Protocol)
|
- Support for Systems with more than one Ethernet LAN Controller
|
- Integrated Ethernet Bridge Functions ( IEEE 802.1d MAC Bridges)
|
- Support for Virtual LANs (IEEE 802.1q-based VLANs)
|
- QoS Features (IEEE 802.1p und 802.1q)
|
- NetRPC Extension for very fast Execution
|
- SSH Support (OpenSSH-based)
|
- PPP Support with the Help of a Point-to-Point Protocol Daemon
|
- Integrated Embedded Web Server (HTTP/HTTPS)
|
- DHCP Server and Client Support
|
- SMTP Email Support for automated Alert Message System
|
|
- Support for Linux Virtual Servers
|
AMSEL IPSec/VPN Support Key Features
AMSEL supports IPSec-based VPN (Virtual Private Network) gateway configurations for Host-to-Host and
LAN-to-LAN applications. AMSEL offers different data encryption algorithms, shared key or PKI-based
authentication and X.509 support.
- KAME Project-based Implementations of IPSec Protocol for IPv4 and IPv6
|
- Support for IPSec Tunnel Mode or IPSec Transport Mode
|
- Data Encryption with the Help of a Scatterlist CryptoAPI
|
- Different Data Encryption Algorithms: AES, Twofish, Blowfish, Serpent, DES,
3DES, SHA-1/SHA-2 (256 und 512 Bits), MD4 and MD5 Hash Algorithm with HMAC Support
|
- Deflate Compression Support
|
- ISAKMP Support (Internet Security Association and Key Management Protocol)
|
- KAME Racoon Key Management Daemon
|
- Shared Key or PKI-based authentication
|
- X.509 Support (RFC 2459: X.509 Public Key Infrastructure)
|
- DNS Security Extension (RFC 3008: Domain Name System Security (DNSSEC))
|
- Authentication and Key Exchange with the Help of AES, DES/3DES, Blowfish, SHA-1/SHA-2 und MD5
|
- Some IPSec-based Sample Configurations for Host-to-Host and LAN-to-LAN Applications
|
AMSEL Packet Filter (Firewall) Functions Key Features
AMSEL contains all components to build a OSI Layer 2 and OSI Layer 3 Firewall. Thereby packages can be filtered on the Ethernet MAC
and IP protocol level. In this way a set of rules is possible, which permits only a certain computer to access a subnet.
- Ebtables- and arptables-based Packet Filter for the Ethernet MAC Level
|
- Iptables-based Packet Filter for the IP Protocol Level
|
- SPI (Stateful Packet Inspection) for IP Protocol Packets
|
- Extensible and Modular Packet Filter Concept
|
- Simple Configuration for all Packet Filter Functions
|
- BNF-based (Backus-Naur-Form) Configuration Language
|
- Syntax and Role Check before Execution
|
- Very fast execution mode for all Packet Filter Functions
|
- Some Sample Configurations for Packet Filter Applications at MAC and IP Protocol Level
|
AMSEL Build Process (ABP) Key Features
The AMSEL build process allows the creation of own Firewalls and VPN gateway configurations. The AMSEL distribution
CD-ROM offers different packages. The build process sets parameters and selects packages and functions for a target
application.
- Set-up your own AMSEL Configuration
|
- Use a PC and build a AMSEL Configuration for your Target Platform / Application
|
- Add binary Packages without a new Compiler run
|
- Remove and Update of single Packages
|
- System fixing at Package Level
|
- AMSEL Updates via Repository Server from Internet
|
- Some Sample Configurations with detailed Documentation
|
AMSEL Reference Platform Key Features
The AMSEL reference hardware is the DIL/NetPC ADNP/1520 Application Board MB/1520-100. This board offers a low power DIL/NetPC
with 3 Ethernet LAN interfaces and a RS232-based command line interface to the Linux operating system.
- AMD 32-bit SC520 Low Power IA-32 586 CPU with 133 MHz
|
|
- Flash (AMSEL is using 16 Mbytes the memory space for booting-up)
|
|
- 1 * 10/100 Mbps Ethernet LAN Interface (LAN1: RJ45 Connector)
|
- 2 * 10 Mbps-Ethernet LAN Interface (LAN2, LAN3: RJ45 Connectors)
|
- RS232 Interface for Linux Serial Console (Sub-D, 9-pin Connector)
|
- Programmable Watchdog (System Supervisor)
|
- CompactFlash Slot for CF Cards with True IDE Mode
|
|
- 3,3 Volt Low Power Design
|
- Power Supply with simple 5 VDC Wall-Plug Type
|
- Board Dimension 100mm * 160mm
|
AMSEL Ordering Information
Ordercode |
Product |
AMSEL-KIT1 |
Two CD-ROMs (AMSEL CD-ROM, AMSEL Install CD-ROM). One printed User Manual. |
SSV EMBEDDED SYSTEMS. Board Level Products. File: dnp0050.htm, Last Update: 30.Jan.2012
Copyight (c) 1996 - 2012 SSV and KDW. All rights reserved.
webmaster@ist1.de
|