BlackGate RS232 - Secure SCADA Gateway

EN-GW-007-RS232

Image
RS232 Secure SCADA Gateway
  • AES 256 Encrypted SCADA data
  • Transparent transport for Modbus RTU/ASCII/ROC and DNP3 SCADA protocols
  • Highly secure TCP to MODBUS gateway
  • 4G/LTE modem option
  • Additional integrated 202T leased line modem
  • BlackGate installations achieve NERC CIP compliance

 

The BlackGate RS232 is a secure TCP to Serial Gateway, with an integrated Bell RS232 modem, that interconnects Ethernet TCP/IP SCADA Controllers to the serial SCADA interface of Remote Terminal Units. Pipeline operators and Utilities deploy the BlackGate RS232 to facilitate SCADA communications to PLC, RTU's, Flow Computers, or Gas Analyzers over IP/MPLS Ethernet based wired or wireless networks. Modbus RTU/ASCII/ROC and DNP3 SCADA protocols are transparently supported. The BlackGate utilizes industrial grade hardware components and state of the art secure software.
 

BlackGate Secure TCP to Serial Gateway


The BlackGate is designed for highly secure transport and management of SCADA traffic. In fact, the “Black” in the product name is derived from NSA nomenclature for securing classified information. The critical nature of SCADA networks, along with the increasing frequency of cyber attacks, makes protecting these networks paramount.

The BlackGate meets these security challenges with advanced cryptography and security capabilities for both payload data and the management plane.

Payload Data Security

  • The BlackGate boots up ready to establish a secure IPSec VPN tunnel
  • The PKI cryptographic process, along with Public Key Certificates, ensures Authentication
  • AES 256 bit keys are supported for highly secure data encryption.

Management Security

  • Management access is limited to encrypted sessions via TLS, SSH and SNMPv3;
  • AES 256 bit keys & sophisticated NIST password technology keep management data secure
Encrypted SCADA Transport over Ethernet / IP


BlackGate Controller Redundancy

NERC -CIP mandates control center redundancy. RTUs must be accessible from, and be able to connect to both primary and backup control centers.

BlackGate continuously monitors connectivity to the active control center and automatically switches to the active backup control center.

  • NERC mandates for control center redundancy
  • Preserves investment in RTU & Central SCADA controllers
  • Control Center redundancy with IP flexibility
  • Supports up to four redundant control centers
  • Redundant and diverse connectivity
BlackGate integrates up to 4 SCADA controllers


BlackGate Management

BlackGate management access is limited to encrypted sessions via TLS, SSH, or SNMPv3, that employ AES 256 bit keys and sophisticated NIST approved passwords. These sessions may be established after authentication via TACACS+ or Radius. Administration and User Logs are available with Syslog.

Secure Boot, a combination of hardware and firmware, is employed to ensure that the only code executing on the BlackGate is trusted by Engage.Secure Boot, a combination of hardware and firmware, is employed to ensure that the only code executing on the BlackGate is trusted by Engage.The signature of each piece of boot software, including firmware drivers, the operating system and applications is validated. Code Signing must be done for upgrades to be implemented.

 

Specifications

Item Description
LAN Network Interface
  • Two 10/100 and optional 1000 Ethernet: Copper Optional SFP
  • Auto negotiation or Configurable Speed and Duplex
LAN Network Protocols
  • IP, TCP, UDP, ICMP
  • SSH, SNMPv3
  • DHCP, DDNS, SSH, NTP
RS232 Interfaces
  • 1-4 RS232 interface DB25 & DB9 options
  • Asynchronous: 75 to 230400 bits per second
Protocols Supported

DNP3-TCP/IP, ModBus-TCP/IP; ASCII; ROC

SCADA Encryption Algorithm
  • AES 256-bit
  • Fully Automatic key management
Quality of Service Support
  • IP Type of Service (TOS) CLI configured
  • 802.1p/q mac level prioritization
Regulatory
  • CE
  • Safety -IEC60950
  • EMC - CFR 47 Part 15 Sub Part B:2002, EN55022: 1994+A1&A2
  • EN55024, ICES-003 1997, CISPR 22 Level A
  • Telecom TBR12, TBR13 
Management
  • Secure Socket Shell - SSH V2 Session Encryption
  • Console Port for Out of Band Management
  • SNMPv3 Public and Private MIB with configurable traps
  • Syslog with NTP Time Stamping
  • Authentication, Authorization & Accounting -TACACS+, RADIUS, 2 Factor Authentication
Dimensions

12" (L) x 5.5 ” (W) x 1.50” (H)

Environmental
  • 0° to 132° F (-10° to 50°C) operating
  • 90% operating humidity (non-condensing)
  • Optional Extended Temperature (-40°C to 70°C)
Power
  • 12-30 VDC, 1.0A.
  • Screw Locking Connector
  • 100/240 VAC 50/60 Hz International Adapter
  • Optional -48V 0.25 Amp
  • Hot Standby with 2nd Power Module and Redundant power Options

Ordering Information

Order Code Description
EN-GW-007-RS232-01AC BlackGate Secure SCADA Gateway 1 x R232 - AC PSU
EN-GW-007-RS232-02AC BlackGate Secure SCADA Gateway 2 x R232 - AC PSU
EN-GW-007-RS232-03AC BlackGate Secure SCADA Gateway 3 x R232 - AC PSU
EN-GW-007-RS232-04AC BlackGate Secure SCADA Gateway 4 x R232 - AC PSU

More Information

Product Category