Secure networks for critical infrastructure RADiflow addresses the emerging risk of cyber attacks on critical SCADA systems • SCADA security tool set integrated in ruggedized routers • Per port DPI (Deep Packet Inspection) SCADA Firewall • Encrypted IPSec VPN tunnels over Cellular & Fiber • Variety of interfaces (Serial, Cellular, Fiber, Cooper, TDM) l • Central cyber security management & monitoring tool Service Aware Key Capabilities Security • Detailed service-aware inspection of leading SCADA protocols: ModBus, IEC 101/104, DNP-3, IEC 61850 • Distributed per-port Deep-Packet-Inspection Firewall at each remote sites • Network Learning - For easy deployment of distributed Firewall rules • Central iSIM NMS - for managing distributed Firewall security devices Multi-access VPN • Supporting variety of network access interfaces with resiliency mechanisms • IPSec VPN tunneling to secure the application traffic when using untrusted network infrastructure • support for x509 certificates for secure key management • Integrated Dual-SIM 2G/3G/4G cellular modem as primary up-link or back-up Integrated Physical & Cyber security • Roll Base Access Control (RBAC) DPI firewall based on physical access • Firewall Rules per User - To allow full control of user’s operation in the network. • Restrict user access using two factor authentication synchronized with physical access control • Integrated with SIEM servers for consolidated security management Serial migration services • Legacy RS-232/RS-485 serial interfaces with an integrated protocol gateway to an IP-based SCADA network • Support for leading automation protocols: ModBus, IEC 101/104, DNP-3 and more • Transparent tunneling of Serial data-streams between multiple devices • Terminal server and Virtual COM-port models for direct connection of a computer to serial devices Applications Case Studies Smart Grid • SCADA firewall deployed in every sub-station to validate the critical distributed automation (DA) commands • Easy deployment using integrated cellular modem with VPN & 2 SIMs for mobile operator redundancy • Serial interfaces with protocol gateway for connectivity of legacy IEDs • Discrete relay I/O lines for remote monitoring and control of physical alarms Power Utility substation • Validating the SCADA application behavior between the control center & the substation RTUs • Optional IPSec encryption of backbone traffic when using non-secure links (wireless, leased lines, etc.) • Support for IEC61850 sub-station LAN traffic including GOOSE multicast messages & IP routing segmentation • Integrated serial interfaces with protocol gateway functionality for smooth migration of legacy IEDs Oil & Gas • Unified networking for SCADA & CCTV in remote sites using Serial, Ethernet and PoE • Distributed DPI firewall for ModBus TCP and Serial ModBus RTU flows • Remote management over Cellular & Fiber with VPN & resiliency mechanisms • Two factor authentication of remote users for secure maintenance Smart City • Cellular modem enables backup connectivity in case of failure in primary link • Validating the remote control of automation devices such as traffic lights • Up to 8 PoE+ ports to power CCTV cameras and radio equipment • Integration of cyber security events into the SOC (security operation center) RADiFlow portfolio Secure networks for critical infrastructure 1031 Secure Utility Gateway Power supply units: 106X44.7X120 mm (4.17,1.76,4.72 in.) 1X10/100, 1X100/1000 SFP, 2X Serial port, Cellular. 1 power input. 3180 Compact secure switch/router Dimensions (HxWxD) Interfaces Power Supply Units 148x72x123 mm (5.83,2.83,4.84 in.) 8/16x10/100TX, 2x100/1000 SFPs Optional: Serial ports, Cellular 1 (with 2 power inputs) 3700 Modular ruggedized switch/router Dimensions (HxWxD) Interface slots Power Supply Units 148x380x139 mm (5.83,14.96,5.47 in.) 7 (each with 4 Ethernet or Serial ports) 2 (each with 2 power inputs) iSIM Intelligent service management system • Distributed per-port DPI Firewall • Network Learning - For easy creation Firewalls rules • Anomaly behavior detection in the network • Remote Access using Two-FactorAuthentication, with full auditing • IPSec VPN over Cellular & Fiber with X.509 certificates • Syslog reporting to SIEM tools for integration of Physical & Cyber security • Secure management using SNMPv3, SSH and RADIUS Networking: • Ruggedized, industrial-grade hardware for extensive operating conditions • Environmental compliance according IEC61850-3, IEEE1613 • Variety of interfaces such as 100/1000 Fiber, 10/100 Copper and Serial RS-232/RS-485 • 2G/3G/4G Cellular modem using dual SIM for redundancy • L2 protection using ERP & Spanning tree • IP routing using OSPF, RIP, VRRP and VRF • IEEE1588v2 clock synchronization Contact us Headquarters Telephone: +972-77-5012702 [email protected] USA office Telephone: +1 (201) 8039350 [email protected] UK office Telephone: +44 (0) 1752 936195 [email protected] Ordering number: CT-BR03050 Dimensions Interfaces: Security:
© Copyright 2024