Security Solution for M2M and H2M Traffic
The iSEG RF-1031 Secure Gateway was designed for small remote sites that require a secure connection to a limited number of devices. It offers security solutions for both M2M (Machine to Machine) and H2M (Human to Machine) traffic by incorporating a DPI (Deep-Packet Inspection) firewall, as well as a user-identity firewall.
Specifications
SECURITY
Distributed DPI Firewall
- Profile-based firewall
- Security rules planning per service group
- Firewall modes: Monitoring, Enforcement
- IEC 104 DPI Firewall
- Modbus TCP DPI Firewall
- DNP3 TCP DPI Firewall
- S7 TCP DPI Firewall
VPN
- IPsec Certificates X.509
- IPsec Dynamic Key Exchange
- IPsec encryption AES, 3DES
- L3 IPSec VPN policy based L3
- IPSec VPN route based
- L3 mGRE DM-VPN
Access control
- Access Lists L3, L4
- NAT
- User-based/Task-based access
control for local devices via local APA
(Authentication Proxy Access)
- OS image encryption
LOCAL OPERATION
- RS-232 Console Port
- Local USB Port for Emergency Boot
- Discrete outputs for reporting system alarms Failsafe output relay for reporting critical alarms
INTERFACES
- 1 or 2 x RS-232 RJ45 Serial port
- 1 x RS-485 RJ-45 Serial port
- 1 x 10/100TX RJ-45 Ethernet port
- 1×100/1000 SFP Ethernet port
- Cellular Modem with dual SIM for HSPA +/ LTE CDMA 450MHz
- Discrete lines: 2 In, 2 Out
- Console
PHYSICAL DESIGN
- DIN rail mounting, optional wall mount
- Rugged enclosure – IP 30
- Fanless, self-cooling
- Wide range of ambient temperature: min. -40°C,
- max +70°C (-40°F to +158°F)
- Storage Temperature: min -40°C, max +85°C
- Operating humidity up to 90%
- Dimensions (HxWxD) 106 x 44.7 x 120mm
- Power consumption: 5W
- Power supply 9-60V
- DC IEC 61850-3 conformance
- MTBF 25 years
MANAGEMENT
- Console serial port
- Backup/Restore running config
- Conditioned/scheduled system reboot
- Remote management and upgrade
- TFTP/SFTP Client
- Safe Mode
- Syslog
PROTECTION
- Protection over wired and cellular connections
- Protection between Cellular ISPs (SIM cards backup)
- Conditioned/scheduled system reboot
NETWORKING
Serial
- SCADA gateway IEC 101/104 and DNP3
- Terminal Server Byte/Frame modes
- Serial transparent tunneling byte mode
Routing
- Static routing
- OSPF v2
- IPv4
- NAT
- DHCP client
Switching
- Auto Crossing
- Auto Negotiation IEEE 802.3ab
- VLAN Tagging
Time
Diagnostic
- Counters & statistics per Port
- LED diagnostics
- Ping
- RMON
- DDM