Networking SCADA Solution

 Supervisory control and data acquisition (SCADA) applications allow users to monitor and control various remote functions and processes. Traditional SCADA networks are designed using leased line point-to-point, or multipoint circuits which allow the master controller to poll each slave in a predefined order. Through this process, the master can oversee the slaves’ control, maintain the process, and react to changes at the remote sites.

SCADA systems work over a communications network exercising control of a wide range of remote terminal units (RTUs) and programmable logic circuits (PLCs) using proprietary and industry standard protocols, such as DNP3, ModBUS, Motorola’s MOSCAD, and Allen- Bradley’s DF1, as well as the newer systems which are IP based. SCADA systems can be relatively simple, such as one that monitors the environmental conditions of a small office building, or incredibly complex, such as a system that monitors all the activity in a nuclear power plant or the activity of a municipal water system.

Vanguard Networks provides secure converged network solutions to integrate voice, data, and video over a single network combining the latest technologies, such as MPLS, Broadband VPN, and VoIP, to take advantage of the tremendous cost savings and value-added services offered today.

Historically, serial edge devices, like RTU’s, have been deployed over separate networks, but with Vanguard’s Access Gateways Utilities can leverage emerging Ethernet infrastructures to take advantage of their ubiquity, performance, security, and resiliency. In addition, multiple serial devices can be connected to the same Access Gateway so that multiple SCADA devices at a single location can communicate with the Host site.

 

Solution

With the emergence of Smart Grid technology, Vanguard Networks’ suite of access gateways provides a unique solution to the Utility industry; one that integrates existing half-duplex SCADA processes with newer IP-enabled processes, and eliminates costly leased line circuits with a more flexible and functional packet-based network (MPLS/VPN). That in turn facilitates the integration of other traffic types, like voice - and Vanguard gateways offer a full complement of analog and digital voice features, as well as voice over IP (VoIP). Thus, utility companies can further reduce their monthly recurring telecommunications costs by eliminating the voice line at remote, unmanned substations.

 

Benefits of SCADA systems and IP networks integration

  • Supports IP, SNA, SCADA and proprietary protocols
  • Connectivity to Ethernet or Serial interfaces
  • Leverage newer, more cost-effective IP-based technology and carrier services
  • Reduce monthly recurring telecommunications costs
  • Supports multiple devices per site
  • Supports integrated voice communications to remote sites over the same network
  • Supports video monitoring for application and physical security

Critical Infrastructure Protection

The Vanguard Networks’ SCADA platforms have the necessary features to provide protection for critical cyber assets. The Vanguard series of secure routers provide perimeter security between the substation and the outside world. The VN 3480 platform combines a layer 3 router, a firewall, a switch, and a VPN in one compact device.


Key Vanguard Security features include:

  • Firewall – Statefull firewall to control traffic between the Trust, Untrusted, and DMZ zones. Used with Network Address Translation (NAT) to prevent unauthorized or malicious activity, initiated by outside hosts, from reaching the internal LAN.
  • Denial of Service (DoS) – This Firewall feature can eliminate Denial of Service (DoS) attacks such as bad packets, bad TCO flags, and fake requests to enhance network security.
  • Virtual Private Networking (VPN) – Provides secure communication links over public or private networks. Ensures confidentiality, sender authentication, message integrity, and uses IP Security (IPSec) for encryption and authentication of all IP packets at the network layer.
  • Strong Encryption – Utilizes various encryption algorithms (DES, 3DES, AES) and key lengths, with support for Public Key Infrastructure and X.509v3 Digital Certificates.
  • Access Control – Administration of individual user profiles, implementation of strong forms of passwords, and logging all access to the system. Combined with RADIUS, Vanguard can capture and forward Authentication, Authorization, and Accounting information to any management platforms.
  • NMS Security – Combines features like SNMPv3, strong authentication, and event logging for port status, access and change events, and traffic logging for the Firewall.
  • System Recovery – Resilient networking via redundancy and backup, dynamic IP routing and VRRP. Backup over various media like Broadband Cable or DSL, and 3G Wireless. Remote backup of software and configuration files, with scripting support for configuration management.

Documentation

Services and Training

Contact Us