Data Sheet

RL1000GW
Small Form Factor Substation-Rated Secure Ethernet Layer 2 Switch/Layer 3 Router,
with Optional 2G/3G/4G LTE Cellular Radio Link, and 100/1000 Mbps SFP Uplink Port
PRODUCT DESCRIPTION
Seamless & Reliable Connection to Any Network
The RL1000GW provides connectivity to any copper, fiber optic, or cellular radio-based Ethernet network. Fiber optic
networks are supported by the use of the optional 100/1000FX SFP uplink port. The optional, highly resilient 2G/3G/4G LTE
cellular radio uplink, with 2 SIM card slots for network redundancy, is ideal where fiber optic infrastructure is not available,
and may be used as a back-up link for those applications where interruption of service is not tolerable.
Extremely Effective Network Security, For the Most Mission-Critical Applications
Service Gateway
The RL1000GW service gateway includes a highly robust application layer, and provides legacy support, a Deep Packet
Inspection (DPI) application-aware SCADA firewall, serial tunnelling, protocol gateway, and extremely effective encryption
technologies. The service gateway offers a uniquely capable feature set which may serve as the hardware foundation to a
secure industrial controls network, and includes Protocol Gateway, VPN, and IPsec features.
Protocol Gateway
Gateway functionality between a DNP3 TCP client (master) and a DNP3 Serial RTU, IED, PLC, or other compatible device is
supported. This same functionality is supported across MODBUS TCP to MODBUS RTU, and IEC 61850 101/104 TCP to IEC
61850 101/104 RTU. This level of protocol conversion allows legacy protocols to be secured by enterprise and industry best
practice level encryption across a TCP/IP-based network.
VPN
VPN tunnels are included for secure inter-site connectivity with IPsec, DMVPN, and VPN GRE tunnels with key management
certificates. The supported VPN modes allow both layer-2 and layer-3 services, to best suit the user’s application-specific
cyber-protection needs.
IPsec
Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating
and/or encrypting each IP packet of a communication session. IPsec-VPN as well as IPsec encryption are supported over other VPN
technologies. Implementing this level of industry-accepted encryption allows data to traverse the network in a guaranteed delivery
method, and provides a cohesive and secure methodology for network communication across legacy and modern networks.
Identity Management and Authentication Proxy Access (APA)
NERC-CIP-5 defines the important requirement for network security protection of remote and unattended facilities. The
capability of identifying the user and creating specific network privileges per identified and authenticated user prior to
granting the user access to the network therefore becomes critical.
The Authentication Proxy Access (APA) is a highly sophisticated security feature, which allows the network operator to
manage the substation or any other facility maintenance process. This feature gives full control of the maintenance process to
the operator by granting the capability to create dynamic policies to specific tasks within an explicitly defined time window.
Following this time window, operators receive reporting on activities performed during the task. This audit trail comes in the
form of an overview log, and a full packet capture (PCAP) of the session.
Before a user is allowed access to the network, they must log in to ComNet’s internal authentication process with their unique user
name and password. Upon validation of the user profile, specific access is granted to predefined devices and functions, and each
operation is logged. Multi-factor authentication is available when combined with the Cyber-Physical Integration feature.
X.509 Certificate Exchange for VPN Connections
VPN tunnels for secure inter-site connectivity with IPsec VPN, GRE Tunnels, and DMVPN technologies are fully supported. In
addition to IPsec encryption, X.509 key management certificates are provided. This certificate support allows for a secure signed
key exchange between a Certificate Authority and two secure nodes. Having a third-party authority as a signing participant offers
end-to-end security that may be managed and reissued from a trusted central source within the user’s network.
LIFETIME WARRANTY WWW.COMNET.NET TECH SUPPORT: 1.888.678.9427