GarrettCom's security solutions protect networks and associated applications from unauthorized access or interception. Authentication and encryption features protect ports, data transport and management for critical network infrastructure, enabling utilities to meet industry best practices and regulatory compliance.
Perimeter security and data transport
DynaStar secure multi-protocol solutions provide perimeter protection and transport encryption solutions for both routed and non-routed protocols. Most DynaStar network implementations use secure frame-relay connections as point-to-point secure layer-two tunnels. For IP traffic, DynaStar also provides basic firewall services (IP and TCP address/port filtering) and IPsec VPN services. For non-routed SCADA Frame Forwarding connections, DynaStar also provides per-connection link encryption facilities.
DynaStar networks enable all ports within a substation to be “nailed down” to secured network interfaces. For Ethernet connections, DynaStar provides static MAC and learned static MAC port security as well as VLAN services. For serial connections, unidirectional serial-IP services, TCP/IP filtering and optional non-routed direct-to-frame dedicated end-to-end connections ensure only planned, authorized connectivity is enabled. In addition, GarrettCom partners with and resells access security system solutions . With such security solutions, intermittent administrative connectivity to IEDs and other substation devices is securely mediated via a central secure access data base, with optional RSA SecureID two-factor authentication. This system centralizes password and access profile administration across a large network.
For secure serial lines, GCI
Serial/IP® COM Port Redirector which
creates virtual COM ports with SSL encryption.
DynaStar provides multiple administrative user profiles with secure, strong-form ID/passwords, optionally integrated with central access control systems for two-factor authentication. All management traffic may be filtered and encrypted via firewall and IPsec features. Console access (and failed access) events are administratively logged in downloadable event logs, as are all configuration change events, enabling log archival and event auditing for regulatory compliance