You are here
When a power utility upgrades its infrastructure to Smart Grid, one of the first items on its agenda is to confirm that all IP communications within the network, and all points of contact with outside networks, whether accessible by landline or only be cellular, are 100% fail-safe.
Any Smart Grid solution has to comply with local governmental regulations for network security. These often require a complete separation between sub-networks serving different operational functions – automated meter reading (AMR), remote terminal units (RTUs) and facility lighting. In cases in which laying a landline connection between different network nodes is either impossible or not cost-effective due to distances and geographic isolation, IP switches have to be connected to cellular networks. In addition, should a land-line failure occur, the network needs to be able to switch instantly and securely to a cellular backup. Since some segments of the network will inevitably utilize both cellular and land-based connections, network switches have to be capable of integrating both and transition backhaul traffic between them. Nonetheless, given that network optimization is always a key requirement, all network elements must guarantee quality of service (QoS), be it over wireline or cellular connections.
RAD’s Award-Winning Cyber Security Solution
RAD’s award-winning SecFlow Ethernet switches/routers provide resilient, managed cyber security controls specifically designed to address the needs and vulnerabilities of power utilities. SCADA-aware data attack detection and prevention mechanisms ensure service validation, while support for the IEC-104 protocol enables the examination of each data packet entering each switch’s port to match it to the rules defined by the user. SecFlow utilizes Dynamic Multipoint Virtual Private Network (DMVPN) with DMVPN encryption and Virtual Routing and Forwarding (VRF) to create an airtight segmented connection between different nodes serving various operational needs.
NERC-CIP compliant and IEC 61850-certified, SecFlow’s communications and critical-asset protection guarantees security even in remote substations. All this combines to provide fail-safe distributed security, basically rendering the network impregnable to external threats.
A variety of communication interfaces enable SecFlow to provide end-to-end Ethernet connectivity over copper, fiber, power over Ethernet (PoE), wireless, or cellular links –2G, 3G and LTE – using a dual-SIM modem, which, in essence, functions as two separate modems working in parallel. In this way, SecFlow is able to feature redundancy with instant automatic failover, guaranteeing service assured communications. SecFlow also supports dynamic quality of service (QoS) for both fiber and cellular networks to address high network load or partial network failure situations.
Ruggedized to Tolerate Extreme Environments
The ruggedized SecFlow devices offer the highest available tolerance levels to electromagnetic radiation, as well as vibration, extreme temperature variation (both high and low), and very high humidity. SecFlow can be installed and swapped on any Din rail-compatible equipment rack. Compact in size, it can easily be fitted in a pole-mounted utility cabinet.
- Power utilities
- Carriers providing communications networks to power utility customers
Transport critical data over packet switched networks
- Per-port SCADA-aware data attack detection
- Supports DMVPN, encryption and VRF
- Dual-SIM modem
- Dynamic QoS
- Ruggedized enclosure
- Compact size
- Provides distributed security and service validation for any SCADA protocol
- Airtight segmented connection between different nodes serving various operational needs
- System redundancy and instant automatic failover in the case of physical damage to the fiber cable
- Prioritizes communications and protocols in the event of high network load or partial network failure
- Highest available tolerance to electromagnetic radiation, vibration, extreme temperature variation, and humidity
- Fits small pole-mounted utility cabine
The SecFlow-2 is ideal for industrial IoT backhaul, enabling fast, secure and economical deployment of new IoT sites. Allowing secure connectivity over wireless or fiber networks – either public (e.g., cellular) or private, it connects all types of industrial devices, including RTUs, smart meter aggregation devices, IoT base stations or concentrators, CCTV cameras, point of sale devices, Wi-Fi base stations, and more. SecFlow-2 is also used for operational WANs, providing reliable secure Layer 2 and Layer 3 communications for power utilities, water and gas utilities, public safety and homeland security agencies, as well as intelligent transportation operators.
The SecFlow-4 combines functionalities that typically require separate devices and provides an efficient distributed security layer protecting from insider attacks. This ruggedized, modular switch/router provides a flexible platform with a combination of fiber and copper Ethernet ports, as well as serial interfaces for legacy devices.
The SecFlow-4 modular ruggedized SCADA-aware Ethernet switch/router is ideal for utility companies and critical infrastructure organizations such as Smart Grid and intelligent transportation operators, water and gas utilities, as well as public safety and homeland security agencies.