iSEG RF-1031

iSEG RF-1031 Secure Gateway

Designed for small remote sites that require a secure connection to a limited number of devices

Features

AUTHENTICATION PROXY

Compliance with NERC CIP V6 via APA (Authentication Proxy Access) for network access management

IP SCADA FIREWALL

DPI firewall or monitoring all network traffic and managing physical and remote access control systems

SECURE VPN CONNECTIVITY

Communication with central site via IPsec VPN over cellular & fiber with X.509 certificates

RESILIENT NETWORK UPLINK

Connectivity via LAN or Cellular Modem with dual SIM for HSPA +/ LTE CDMA 450MHz

SCADA PROTOCOLS GATEWAY

Validation by the firewall for source, destination, protocol and packet contentty

FIT FOR HARSH ENVIRONMENTS

Radiflow’s iSEG 1031 was designed for operation under harsh temperature and radiation conditions

Security Solution for M2M and H2M Traffic

 

The iSEG RF-1031 Secure Gateway was designed for small remote sites that require a secure connection to a limited number of devices. It offers security solutions for both M2M (Machine to Machine) and H2M (Human to Machine) traffic by incorporating a DPI (Deep-Packet Inspection) firewall, as well as a user-identity firewall.

 

 

Specifications

 

SECURITY

 

Distributed DPI Firewall

  • Profile-based firewall
  • Security rules planning per service group
  • Firewall modes: Monitoring, Enforcement
  • IEC 104 DPI Firewall
  • Modbus TCP DPI Firewall
  • DNP3 TCP DPI Firewall
  • S7 TCP DPI Firewall

VPN

  • IPsec Certificates X.509
  • IPsec Dynamic Key Exchange
  • IPsec encryption AES, 3DES
  • L3 IPSec VPN policy based L3
  • IPSec VPN route based
  • L3 mGRE DM-VPN

Access control

  • Access Lists L3, L4
  • NAT
  • User-based/Task-based access
    control for local devices via local APA
    (Authentication Proxy Access)
  • OS image encryption

LOCAL OPERATION

  • RS-232 Console Port
  • Local USB Port for Emergency Boot
  • Discrete outputs for reporting system alarms Failsafe output relay for reporting critical alarms

INTERFACES

  • 1 or 2 x RS-232 RJ45 Serial port
  • 1 x RS-485 RJ-45 Serial port
  • 1 x 10/100TX RJ-45 Ethernet port
  • 1×100/1000 SFP Ethernet port
  • Cellular Modem with dual SIM for HSPA +/ LTE CDMA 450MHz
  • Discrete lines: 2 In, 2 Out
  • Console

 

PHYSICAL DESIGN

  • DIN rail mounting, optional wall mount
  • Rugged enclosure – IP 30
  • Fanless, self-cooling
  • Wide range of ambient temperature: min. -40°C,
  • max +70°C (-40°F to +158°F)
  • Storage Temperature: min -40°C, max +85°C
  • Operating humidity up to 90%
  • Dimensions (HxWxD) 106 x 44.7 x 120mm
  • Power consumption: 5W
  • Power supply 9-60V
  • DC IEC 61850-3 conformance
  • MTBF 25 years

 

MANAGEMENT

  • Console serial port
  • Backup/Restore running config
  • Conditioned/scheduled system reboot
  • Remote management and upgrade
  • TFTP/SFTP Client
  • Safe Mode
  • Syslog

PROTECTION

  • Protection over wired and cellular connections
  • Protection between Cellular ISPs (SIM cards backup)
  • Conditioned/scheduled system reboot

NETWORKING

Serial

  • SCADA gateway IEC 101/104 and DNP3
  • Terminal Server Byte/Frame modes
  • Serial transparent tunneling byte mode

Routing

  • Static routing
  • OSPF v2
  • IPv4
  • NAT
  • DHCP client

Switching

  • Auto Crossing
  • Auto Negotiation IEEE 802.3ab
  • VLAN Tagging

Time

  • Local Time settings
  • SNTP

Diagnostic

  • Counters & statistics per Port
  • LED diagnostics
  • Ping
  • RMON
  • DDM
Skip to content