KR EN

SEL-3620

본문 바로가기
KR EN
search menu

SEL-3620

Ethernet Security Gateway
  • The SEL-3620 is an Ethernet Security Gateway designed to protect entire substation and industrial control system networks while simplifying device management. It integrates router, virtual private network (VPN) endpoint, and stateful firewall functionalities into a single robust device. Acting as a security proxy for both serial and Ethernet-based Intelligent Electronic Devices (IEDs), it provides centralized authentication and detailed activity logging to ensure a comprehensive audit trail for the entire network.
Catalog Download

Key Features

  • Stateful Deny-by-Default Firewall

    Monitors all traffic entering and leaving the substation network and blocks any communication that is not explicitly permitted, shielding the system from external attacks.

  • IPsec VPN and Modern Encryption

    Supports robust IPsec VPN tunneling and the latest cipher suites (including the 2022 Secure profile) to ensure data confidentiality and integrity during remote communication between sites.

  • exe-GUARD® Whitelist Anti-Malware

    Utilizes allowlisting technology to permit only authorized processes to run, effectively blocking zero-day threats in OT environments where frequent patching and signature updates are challenging.

  • Automated IED Password Management

    Automatically rotates passwords for connected IEDs on a regular basis and enforces complexity rules, preventing security breaches caused by shared accounts or weak credentials.

  • Centralized User Authentication (LDAP/RADIUS)

    Integrates with existing authentication servers, such as Microsoft Active Directory, to manage user accounts and access permissions consistently at the gateway level rather than on individual devices.

Convenience features

  • Integrated Security Proxy and Single Sign-On (SSO)

    Users only need to log in to the security gateway once; the gateway then handles the authentication for each downstream IED. This eliminates the need to log in to individual devices manually, significantly boosting engineering efficiency.

  • Serial-to-Ethernet Protocol Conversion

    Converts legacy serial-based communications to Ethernet-based protocols, allowing older equipment to be integrated into modern secure networks and eliminating the need for costly leased analog circuits.

  • Comprehensive Event Logging and Alerting

    Detailed logs of all connection attempts, configuration changes, and system alarms are maintained (via Syslog and SNMP) to simplify audit compliance and facilitate rapid root-cause analysis during incidents.

  • Multi-Factor Authentication (MFA) Support

    Enhances the security of remote engineering access by supporting two-step verification methods.

  • Physical Tamper Detection

    Features sensors that detect and alert operators to unauthorized enclosure openings or physical manipulation of the device, bridging the gap between cyber and physical security.
List
SOLVEC ELECTRIC ONLINE INQUIRY