BlackGate RS232 - Secure SCADA Gateway
EN-GW-007-RS232
- AES 256 Encrypted SCADA data
- Transparent transport for Modbus RTU/ASCII/ROC and DNP3 SCADA protocols
- Highly secure TCP to MODBUS gateway
- 4G/LTE modem option
- Additional integrated 202T leased line modem
- BlackGate installations achieve NERC CIP compliance
Overview
The BlackGate RS232 is a secure TCP to Serial Gateway, with an integrated Bell RS232 modem, that interconnects Ethernet TCP/IP SCADA Controllers to the serial SCADA interface of Remote Terminal Units. Pipeline operators and Utilities deploy the BlackGate RS232 to facilitate SCADA communications to PLC, RTU's, Flow Computers, or Gas Analyzers over IP/MPLS Ethernet based wired or wireless networks. Modbus RTU/ASCII/ROC and DNP3 SCADA protocols are transparently supported. The BlackGate utilizes industrial grade hardware components and state of the art secure software.
The BlackGate is designed for highly secure transport and management of SCADA traffic. In fact, the “Black” in the product name is derived from NSA nomenclature for securing classified information. The critical nature of SCADA networks, along with the increasing frequency of cyber attacks, makes protecting these networks paramount.
The BlackGate meets these security challenges with advanced cryptography and security capabilities for both payload data and the management plane.
Payload Data Security
- The BlackGate boots up ready to establish a secure IPSec VPN tunnel
- The PKI cryptographic process, along with Public Key Certificates, ensures Authentication
- AES 256 bit keys are supported for highly secure data encryption.
Management Security
- Management access is limited to encrypted sessions via TLS, SSH and SNMPv3;
- AES 256 bit keys & sophisticated NIST password technology keep management data secure
BlackGate Controller Redundancy
NERC -CIP mandates control center redundancy. RTUs must be accessible from, and be able to connect to both primary and backup control centers.
BlackGate continuously monitors connectivity to the active control center and automatically switches to the active backup control center.
- NERC mandates for control center redundancy
- Preserves investment in RTU & Central SCADA controllers
- Control Center redundancy with IP flexibility
- Supports up to four redundant control centers
- Redundant and diverse connectivity
BlackGate Management
BlackGate management access is limited to encrypted sessions via TLS, SSH, or SNMPv3, that employ AES 256 bit keys and sophisticated NIST approved passwords. These sessions may be established after authentication via TACACS+ or Radius. Administration and User Logs are available with Syslog.
Secure Boot, a combination of hardware and firmware, is employed to ensure that the only code executing on the BlackGate is trusted by Engage.Secure Boot, a combination of hardware and firmware, is employed to ensure that the only code executing on the BlackGate is trusted by Engage.The signature of each piece of boot software, including firmware drivers, the operating system and applications is validated. Code Signing must be done for upgrades to be implemented.
Specifications
Item | Description |
---|---|
LAN Network Interface |
|
LAN Network Protocols |
|
RS232 Interfaces |
|
Protocols Supported | DNP3-TCP/IP, ModBus-TCP/IP; ASCII; ROC |
SCADA Encryption Algorithm |
|
Quality of Service Support |
|
Regulatory |
|
Management |
|
Dimensions | 12" (L) x 5.5 ” (W) x 1.50” (H) |
Environmental |
|
Power |
|
Ordering Information
Order Code | Description |
---|---|
EN-GW-007-RS232-01AC | BlackGate Secure SCADA Gateway 1 x R232 - AC PSU |
EN-GW-007-RS232-02AC | BlackGate Secure SCADA Gateway 2 x R232 - AC PSU |
EN-GW-007-RS232-03AC | BlackGate Secure SCADA Gateway 3 x R232 - AC PSU |
EN-GW-007-RS232-04AC | BlackGate Secure SCADA Gateway 4 x R232 - AC PSU |