Milspec Communication Canada Logo Sentinel PDSO
(Packet Data Security Overlay)

home icon Home  |  COMSEC  |  Sentinel PDSO

Welcome to the Sentinel PDSO equipment page.

If you have anything to contribute, please use the link bellow and send me an e-mail.

Thank you.

Sentinel Packet Data Security Overlay (PDSO)
Sentinel Packet Data Security Overlay

Back to COMSEC page.Sentinel PDSO
The Sentinel Packet Data Security Overlay (PDSO) is a system which provides secure network communication services to data terminal equipment (DTE) that use an X.25 line to access packet switching networks.

A PDSO network consists of a Security Management Facility (SMF) and Sentinels. The SMF performs operations, administration and maintenance functions. The Sentinel provides end-to-end encryption of user data and authentication to ensure that two Sentinels are permitted to communicate with each other.

A Sentinel is located on the data connection between the customer (DTE) and the packet switching network. Each Sentinel is the network is controlled by the SMF. The SMF provides information to the Sentinel to ensure that the DTE only establishes X.25 calls to the other DTEs it is authorized to communicate with.

There are two different Sentinel models: RS232 and RS530. Each Sentinel is identified by a model number located on the bottom of the Sentinel. The RS232 model number is NTA005AB and the RS530 model number is NTA005AA.

The Sentinel system was first introduced in January 1992. See bellow to view the original press release.

Status indicators
Liquid crystal display (LCD)
Two push-buttons, menu driven application and settings
Token interface
External data interfaces (2 x DB-25 connectors, Plaintext & Ciphertext)

Line Requirements and Operating Modes Full duplex, synchronous over switched X.25 circuits.
Data Transfer Rates Synchronous speeds of up to 64 Kbps
Supports 128 virtual circuits
Cryptographic Algorithm Implementation Data Encryption Standard (DES)
Rivest, Shamir and Adleman (RSA)
Diffie-Hellman (DH)
Digital Interface V.24, V.35, RS-530


C-62-261-002/MS-000 Sentinel User Guide No PDSO1-1
C62-262-000/MS-000 SMF Operations and Maintenance

Model No. NTA005AA 5810-21-908-9389
Model No. NTA005AB 5810-21-908-9364

Northern Telecom
Brock Telecom

Sentinel Press Release


Toronto, January 10, 1992 -- Northern Telecom, a leading telecommunications research and manufacturing firm, today announced the Packet Data Security Overlay (PDSO) system which provides end-to-end security for X.25 data communication systems.

The company also announced the first contract for PDSO, awarded by the Canadian Department of National Defence (DND), valued at over CDN$ 5 million, to secure sensitive, non-classified information transmitted over DND's DPN data network.

"We are proud that Norther Telecom, a pioneer in data communications, has succeeded in producing a security system under the stringent guidelines of the federal government's Communications Security Establishment's (CSE) Cryptographic Endorsement and Acceptance Program (CEAP). PDSO will provide the required authentication, data confidentiality and data integrity for sensitive government information", said Major Jean Maurice Moreau of the Department of National Defence.

"The biggest challenge facing data network managers today is to cost-effectively safeguard the privacy and integrity of data, while also ensuring timely access to the data by authorized personnel", says Charles Drayton, vice-president for Northern Telecom's data communications products.

"PDSO meets this challenge. It requires fewer personnel and equipment than other security systems, which need devices at every switching point in the network. PDSO offers savings and improved performance and reliability for the network manager. It eliminates the usual tradeoffs between the need for data security and the costs required to provide it, and this is real value to the network manager and the organization", he added.

This is becoming increasingly important as organizations depend on their data networks for mission-critical applications.

PDSO requires a Sentinel data security device only at the sending and receiving ends of the network. Electronic key management is handled automatically using the security management facility.

Additional Technical Information
PDSO employs a specially designed process called authenticated key exchange, enabling communicating devices to agree on the cryptographic keys to be used for each call and to verify each device's identity. The data is then encrypted, or put in a code that can be read only by the authorized receiving device.

Using multiple cryptographic techniques, the PDSO approach combines a conventional cryptographic system, the Data Encryption Standard (DES), with public key cryptography using the Rivest, Shamir and Adleman (RSA)* algorithm, and adds another dimension of security with the Diffie-Hellman (DH)* algorithm.

Each algorithm provides specific benefits to overall network security. DES offers both high-performance and standardization for encryption of data traffic, while Diffie-Hellman ensures the secure creation of DES keys. RSA is used to authenticate the identities of the communicating devices.

*DPN-100 and Sentinel are trademarks of Northern Telecom. RSA and DH are licensed exclusively by Public Key Partners of Sunnyvale, California.

For further information, contact:

John R. Lawlor                                   MaryLynn Hillier
Northern Telecom Canada               Northern Telecom Canada
2920 Matheson Boulevard East      2920 Matheson Boulevard East
Mississauga, Ontario                        Mississauga, Ontario
L4W 4M7                                            L4W 4M7
(416) 238-7147                                  (416) 238-7162

Please click here to send your comments or suggestions.

Revised: June 08, 2017
(C) 2006-2024, Richard Lacroix. All rights reserved.

You are visitor:
Hit Counter
since March 10, 2006

Information & Security Disclaimer