BlackGate 202T
BlackGate 202T

Secure SCADA Gateway

• Secure TCP to Serial Gateway
• With an integrated Bell 202T modem
• Modbus RTU/ASCII/ROC and DNP3 SCADA protocols are transparently supported
• AES Encrypted Packetized SCADA Data

Image is not available
SIZE
9" (L) x 7.3” (W) x 1.50” (H)
BlackGate REAR
Image is not available

Rear Panel: Redundant 10-30 VDC Option

Rack Mount and Power Options
Image is not available

Rack Mount and Power Supply Options

previous arrow
previous arrow
next arrow
next arrow

Black•Gate 202T

SECURE SCADA Gateway

Black•Gate 202T

SECURE SCADA Gateway

Product Image

SIZE

9" (L) x 7.3” (W) x 1.50” (H)

Overview

SCADA Serial TCP Gateway with Integrated 202T Modem

The BlackGate 202T is a secure TCP to Serial Gateway, with an integrated Bell 202T modem, that interconnects Ethernet TCP/IP SCADA Master Controllers to the serial SCADA interface of Remote Terminal Units that have 202T modems.

Pipeline operators and Utilities deploy the BlackGate 202T to facilitate SCADA communications to PLC, RTU's, Flow Computers, or Gas Analyzers over IP/MPLS Ethernet based wired or wireless networks. Modbus RTU/ASCII/ROC and DNP3 SCADA protocols are transparently supported.

Telecommunication Service providers have announced their plans to discontinue the leasing of the 4-wire analog circuits that are employed by SCADA systems to provide connectivity to remote facilities. The imminent termination of Telco service coupled with their significant price increases is motivating the transition to IP packetized technology.

The BlackGate utilizes industrial grade hardware components and state of the art secure software.

Black•Gate Security

The Black in BlackGate is derived from the nomenclature used by the NSA to indicate that classified information is secure. SCADA connnections control the elements that make up Critical Infrastructures and their messages must be secured.

The BlackGate boots up secure, configured to establish an IPSEC AES encrypted VPN connection to the SCADA Controller network. Public Key Certificates provide Authentication of the VPN.

Black•Gate Multi-Drop

In order to minimize the number of telephone circuits required to connect Data Center Front End SCADA controllers to Remote Terminal Units, Multi-Drop communication protocol was implemented. The Multi-Drop feature allows a SCADA host connection to communicate with Remote Terminal Units that drop off of a common 4-Wire Circuit.
 
The BlackGate transparently supports Multi-Drop 202T. The BlackGate connected to the addressed RTU sends the SCADA response back to the originating TCP/IP connection of the SCADA Controller's polling port.

Black•Gate NERC Redundancy

NERC -CIP mandates control center redundancy. RTUs must be accessible from, and be able to connect to, backup control centers. 

BlackGate continuously monitors connectivity to the active control center and automatically switches to the active backup control center.

  • NERC mandates for control center redundancy
  • Preserves investment in RTU & Central ⁻⁻ SCADA
  • Control Center redundancy with IP flexibility
  • Supports up to four redundant control centers
  • Redundant and diverse connectivity

Black•Gate Management

BlackGate management access is limited to encrypted sessions via TLS, SSH, or SNMPv3, that employ AES 256 bit keys and sophisticated NIST approved passwords. These sessions may be established after authentication via TACACS+ or Radius. Administration and User Logs are available with Syslog. 

Secure Boot, a combination of hardware and firmware, is employed to ensure that the only code executing on the BlackGate is trusted by Engage.Secure Boot, a combination of hardware and firmware, is employed to ensure that the only code executing on the BlackGate is trusted by Engage.The signature of each piece of boot software, including firmware drivers, the operating system and applications is validated. Code Signing must be done for upgrades to be implemented.

NERC CIP Compliance

The BlackGate installations achieve NERC CIP compliance with a combination of internal and external functions.

The Management interface has the sophistication to implement comprehensive policies and privileges for administrator and user accounts.

Administrator policy includes removal, disabling or renaming.Interoperability with external functions such as Syslog, Network Timing Protocol, TACACS+ and Radius with its support for RSA SecureID delivers trusted compliance.

 

Electronic Security Perimeter

The BlackGate in combination with industry standard services meets the Electronic Security Perimeter's NERC CIP-005 specifications.

CIP-005 Requirement & IP•Tube CEP Solutions

R2.1 - Deny Access by Default

Solution: Accounts must be created to allow access

R2.2 - Enable only needed ports

Solution: Each Port may be enabled or disabled

R2.4 - Strong Technical Controls

Solution: RSA's SecureID two-factor Authentication

R3.2 - Unauthorized Access

Solution: Alert messages via Syslog or TACACS+

R5.3 - Access Logging

Solution: Syslog of Access and Command interactions

CIP-005 Requirement

IPTube CEP Solution

R2.1 - Deny Access by Default

Accounts must be created to allow access

R2.2 - Enable only needed ports

Each Port may be enabled or disabled

R2.4 - Strong Technical Controls

RSA's SecureID two-factor Authentication

R3.2 - Unauthorized Access

Alert messages via Syslog or TACACS+

R5.3 - Access Logging

Syslog of Access and Command interactions

System Security Management

Access control is Authenticated, Authorized and Accounted for with Radius or TACACS+.

Security Patches managed proactively.

CIP-007 Requirement

IPTube CEP Solution

R2.1-3 - Ports and Services

Unused Serial Ports and Services are disabled

R3 - Security Patch Management

Kernel and application upgrade alerts

R5.3 - Secure Passwords

Require minimum length, strength, frequencyRequire minimum length, strength, frequency

R6.4 - Security Status Logs

Syslog and AAA via TACACS+

CIP-007 Requirement & IP•Tube CEP Solutions

R2.1-3 - Ports and Services

Solution: Unused Serial Ports and Services are disabled

R3 - Security Patch Management

Solution: Kernel and application upgrade alerts

R5.3 - Secure Passwords

Solution: Require minimum length, strength, frequencyRequire minimum length, strength, frequency

R6.4 - Security Status Logs

Solution: Syslog and AAA via TACACS+

Specifications

LAN Network Interface
  • Two 10/100BaseT Full/Half Ethernet
  • Auto negotiation or Configurable Speed and Duplex
LAN Network Protocols Supported
  • IP, TCP, UDP, ICMP, Telnet, DHCP, DDNS, SSH
  • Network Time Protocol - NTP
202T Interfaces
  • 1-4 Bell 202 T interface (Specify number of ports needed when ordering)
Interface Baud Rate
  • Asynchronous: 1.2 Kilobits persecond

Protocols Supported
  • DNP3-TCP/IP, ModBus-TCP/IP; ASCII; ROC
ROCSCADA Encryption Algorithm
  • AES 256-bit
  • Fully Automatic key management
Quality of Service Support
  • IP Type of Service (TOS) CLI configured
  • 802.1p/q mac level prioritization
Regulatory
  • CE
  • Safety -IEC60950
  • EMC - CFR 47 Part 15 Sub Part B:2002, EN55022: 1994 + A1 & A2, EN55024, ICES-003 1997, CISPR 22 Level A
  • Telecom TBR12, TBR13 
Management
  • Secure Socket Shell - SSH
  • Console Port for Out of Band Management
  • SNMPv3 Public and Private MIB with configurable traps
  • Syslog with NTP Time Stamping
  • Authentication, Authorization & Accounting
  • TACACS+, RADIUS, 2 Factor Authentication
Environmental
  • 0° to 132° F (-10° to 50°C) operating
  • 90% operating humidity (non-condensing)
  • Optional Extended Temperature (-40°C to 70°C)
Dimensions
  • Dimensions: 9" (L) x 7.3” (W) x 1.50” (H)
Environmental
  • 0° to 132° F (-10° to 50°C ) operating temperature
  • Up to 90% operating humidity (non-condensing)
  • Optional Extended Temperature Range available
Rear Panel/Power
  • 12-30 VDC, 1.0A. 
  • Screw Locking Connector
  • 100/240 VAC 50/60 Hz International Adapter
  • Optional -48V 0.25 Amp
  • Hot Standby with 2nd Power Module and Redundant power Options

Ordering Information

Rack Mount & Power Supply Options:

BlackGate RS232 Rear
BlackGate RS232 Rear

Part No.

Description

GW-007-202T-0x*

BlackGate 202T*Note: x = Specified Number of 202T Ports enabled (1 to 4)

Optional Features

Optional Features

EXT

Extended Temperature, -40C to 70C

RED

Redundancy Option, Redundant SCADA Controller

Power Supply Options

Power Supply Options

094-2418

90-220 VAC Universal International/Domestic Adapter

094-2418-R

DUAL REDUNDANT, 90-220 VAC Adapter

094-N48V

Internal Power Module, -48 VDC Screw Terminals

094-N48V-02

DUAL REDUNDANT, -48 VDC Screw Terminals

094-1500

WIREDC Option, +24 VDC Screw Terminals

094-WIREDC-R

DUAL REDUNDANT, +24VDC

Rack Mount Options

Rack Mount Option

095-1000

Rack Mount Kit - for single 7" products (Fits both 19" and 23" racks)

095-2000

2 unit 19" x 1RU Rack Mount Kit for 7" products

095-3000-RTANG

Right Angle Wall Mount Bracket Kit

So What's Next?

WE’RE READY!

Engage Communication
9565 Soquel Drive. Aptos, CA 95003
This email address is being protected from spambots. You need JavaScript enabled to view it.
This email address is being protected from spambots. You need JavaScript enabled to view it.



Telephone: 1-831-688-1021
Toll Free : 1-877-ENGAGE4
 
 
Designed, Fabricated, and Assembled
in America 
Supported Worldwide