Radiflow’s devices offer advanced security features such as a distributed firewall and task-based validation of human-to-machine (H2M) sessions. This enables granting access to only specific end-devices without exposing the entire network. All user access and activities are fully logged.
Radiflow’s distributed firewall enables enforcing security profiles across the network according to predetermined policies. iSIM translates the security profiles into firewall rules, which are automatically uploaded to the secure gateways across the network. This ensures that the same profiles are used across the network.
When service maintenance is needed but granting access to the entire network is not acceptable, Radiflow’s APA (Authentication Proxy Agent) allows setting a time window for accessing a specific device via the distributed firewall.
iSIM enables selecting specific Radiflow devices on the network and creating custom firewall rules for each device. This in effect creates, during the allotted time window, a direct tunnel from the technician’s PC to the specific SCADA device (PLC, IED, RTU, etc.) without exposed the entire network. At the end of the access window a detailed log file is generated with all of the technician’s operations.

iSIM provides a map view of the network topology, divided into sub-networks, indicating each edge device (by Radiflow or otherwise) such as PLCs, RTUs etc.
Events reported to iSIM by Radiflow’s networked devices are presents in an aggregate view.
Operational alerts are prioritized and color-coded, and presented graphically as map links. The user is able to filter alerts by severity, protocol and more.
iSIM also contains traffic analysis tools, which provide:
- Log files with all violations
- Log files for the maintenance process
- Traffic statistics of links in the network
- Performance-over-time graphs for selected links
