1 rating

Bittium Secure Suite

Bittium Secure Suite is a license for secure communication within a closed group. The license is an indispensable part of your workgroup where you communicate with encrypted Bittium phones. Only with a license is communication between devices become completely secure.

Delivery to:
In stock
Code: B03
Brand: Bittium
Category: Encrypted Phones
Security built in layers with Tough Mobile 2

Introducing Bittium Secure Suite


Bittium Secure Suite is your own private communications network through which you manage all your phones and encrypted communications:


  • Mobile VPN
  • Manage mobile and installed apps
  • Remote attestation and firmware updates
  • Log server – records device activity
  • Encrypted messaging
  • Extensively tested and externally audited code base




Thanks to Mobile VPN, you are completely independent of public Internet connection, cloud services and third parties.


Examples of use


The license complies with the high security standards that can be used by security forces, senior civil servants and business executives in everyday work and emergency meetings and events.


A typical example of regular use is the investment group for acquisitions and mergers. An emergency with a need for information security can be a VIP event, such as a political summit and any private and important meeting.


Price of license and telephone on request


Are you interested in purchasing an encrypted phone? The Bittium Tough Mobile 2 pricing, along with the license, depends on the purchased number. In case of a large order we will be happy to show you the phones and train your group in their use.


Management of the mobile phone


Centralized remote management of Tough Mobile and Android security features from the server.


  • Remote update (push)
  • SafeMove VPN management
  • Remote Erase
  • Remote locking
  • Recover device audit log
  • Verified certificates CA
  • Wi-Fi management:
    • SSID configuration
    • Safety measures
    • Qualification


Individual features and security options


  • Device password requirements:
    • Numeric, alphanumeric, complex, password length
    • Up to 100+ parameters can be controlled in total
    • Erase data after password entry is unsuccessful
  • Timeout for password entry
  • Password expiration time
  • Enable/Disable:
    • Software from unverified sources
    • Android Debugging Bridge (ADB) developer settings
    • Bluetooth
    • Camera
    • MMS sending and receiving
    • Location services
    • iZat (Qualcomm AGPS)
    • Android connectivity test
    • Audio settings
    • Control application settings
    • Cell broadcast
    • Configuration of device credentials
    • Mobile operator configuration
    • Tethering
    • VPN configuration
    • Wi-Fi configuration
    • User forced factory reset
    • Install and uninstall applications
    • Account management
    • Connecting external media (USB, SD card)
    • User-forced network settings reset
    • Outgoing NFC rays
    • Outgoing calls
    • SMS
    • Adjust the microphone volume
    • USB file transfer


Mobile application management


  • Managed private application library for downloading applications to your device
  • The application installation base is always up to date with new versions and security fixes


Remote attestation


Tough Mobile TPM (Trusted Platform Module) cryptographic hardware ensures that the remote device is exactly as it left the factory and carries unmodified official firmware. Remote Authentication Service allows you to use integrity checking for MDM, VPN gateway, and third-party services.


  • Integrity of key hardware and software components remotely controlled by TPM
  • Integration with VPN access control
  • API for integration into third-party services


Wireless firmware updates


Full control over which devices are updated, when and by which firmware.


  • Automatically retrieve updates
  • You can assign updates for a device or group
  • Optionally VPN protected


Log Server


  • Analysis of visual protocols for effective incident response and even proactive incident avoidance
  • Collection and analysis of log data so that the administrator always has an up-to-date overview of what is happening on the device and infrastructure side


Secure messaging


A secure and scalable push system that can be easily deployed into applications. Known APIs similar to conventional cloud messaging systems.


  • Low energy requirements
  • Low latency
  • Low bandwidth
  • TLS security, optionally VPN


Supported server platforms


  • SMR330 SafeMove device
  • Vmware™ virtual device


Mobile VPN


  • IPsec, IKEv2
  • Integrated firewall and IPsec
  • The application is always on and cannot be bypassed
  • Requires remote authentication for VPN access
  • Extensively tested and externally audited code base


Mobile VPN Crypto


  • CNSA/NSA suite B compatible
  • SHA2-512
  • AES-256, SERPENT
  • ECDH groups 19,20, 21 (NIST) and 27,28,29 and 30 for IKEv2 (Brainpool)
  • ECDSA certificates
  • RSA keys to 16k