PacStar Enterprise CSfC Solutions

Enterprise CSfC Solutions (ECS)

Gateway services for classified networks using COTS products to meet security and configuration requirements of the National Security Agency (NSA) Commercial Solutions for Classified (CSfC) program

PacStar ECS enables DoD and Federal organizations to transmit classified information

Using commercial encryption components, PacStar ECS enables executive mobility (i.e. laptops and smartphones), site-to-site extensions of classified networks (i.e. expeditionary kits, branch offices, multi-building campus), and classified campus-area wireless connections.

PacStar ECS is a family of gateway solutions that scale from small installations with less than 100 secure connections to large enterprise-class services supporting thousands of concurrent users. PacStar ECS designs are based on PacStar’s extensive experience developing tactical CSfC solutions. It is fully supported by PacStar expert CSfC engineers and can be customized to meet program requirements.

PacStar ECS offers rapid implementation of CSfC solutions, lowering costs and reducing risk by providing fully integrated, tested, and proven solutions for mission critical communication. PacStar ECS is managed by PacStar IQ-Core® Software to simplify maintenance, unify management, reduce complexity, decrease downtime, and shorten training for PacStar ECS administrators.

PacStar ECS significantly reduces equipment costs over Type 1 encryption hardware and enables U.S. Coalition Partner interoperability without using controlled cryptographic items (CCI).

Reduce Cost
Built on industry leading networking technology which reduces training and support costs

The networking technology and capabilities provide maximum compatibility with DoD and coalition networks

The core networking, encryption, and PKI technologies integrated into PacStar ECS are Common Criteria certified

PacStar ECS ensures maximum security by using enterprise-class technology from the most widely deployed cybersecurity industry partners in the U.S. DoD

PacStar IQ-Core Software ensures the system complexity will simplify network management for the operators

Solution Architecture

PacStar ECS, combined with PacStar’s technical expertise, integration, testing, and certification experience, provides CSfC networking solutions for fixed installations based on approved COTS rack-mount equipment PacStar ECS uses independent, layered COTS products and the approved Commercial National Security Algorithm (CNSA) suite of cryptographic algorithms to protect classified National Security Systems (NSS) data-in-transit up to the Top Secret level.

PacStar ECS architecture for mobile VPN access includes:

  • Outer VPN gateway
  • Traffic Filtering Firewall/IDS
  • Management (IQ-Core NCM and Crypto
  • Manager)
  • Network Services (Domain Services,
  • Certificate Authority)
  • Inner VPN gateway


PacStar IQ-Core Networking Communications Manager (NCM) and IQ-Core Crypto Manager (CM) are used within PacStar ECS to simplify and unify configuration management, situational awareness, and real-time VPN monitoring. IQ-Core CM is purpose-built to meet the essential Key Management Requirements for CSfC systems and dramatically simplifies the error-prone process of issuing, managing, and renewing the PKI certificates.

This architecture allows multiple simultaneous transports to be supported without additional changes in the encryption scheme. Transports can include terrestrial circuits, WiFi, cellular, satellite, etc. Additionally, multiple security domains can share those transports with the addition of CSfC-components.