BlackGate RS232

The Black•Gate RS232 is a secure TCP to Serial Gateway, with an integrated Bell RS232 modem, that interconnects Ethernet TCP/IP SCADA Master Controllers to the serial SCADA interface of Remote Terminal Units.

Pipeline operators and Utilities deploy the Black•Gate RS232 to facilitate SCADA communications to PLC, RTU's, Flow Computers, or Gas Analyzers over IP/MPLS Ethernet based wired or wireless networks. Modbus RTU/ASCII/ROC and DNP3 SCADA protocols are transparently supported.

The Black•Gate utilizes industrial grade hardware components and state of the art secure software.

The Black•Gate is designed for highly secure transport and management of SCADA traffic. In fact, the “Black” in the product name is derived from NSA nomenclature for securing classified information. The critical nature of SCADA networks, along with the increasing frequency of cyber attacks, makes protecting these networks paramount.

The BlackGate meets these security challenges with advanced cryptography and security capabilities for both payload data and the management plane.

Payload Data Security

• The BlackGate boots up ready to establish a secure IPSec VPN tunnel
• The PKI cryptographic process, along with Public Key Certificates, ensures Authentication
• AES 256 bit keys are supported for highly secure data encryption.

Management Security

• Management access is limited to encrypted sessions via TLS, SSH and SNMPv3;
• AES 256 bit keys & sophisticated NIST password technology keep management data secure

NERC -CIP mandates control center redundancy. RTUs must be accessible from, and be able to connect to, backup control centers. 

Black•Gate continuously monitors connectivity to the active control center and automatically switches to the active backup control center.

• NERC mandates for control center redundancy
• Preserves investment in RTU & Central ⁻⁻ SCADA
• Control Center redundancy with IP flexibility
• Supports up to four redundant control centers
• Redundant and diverse connectivity

Black•Gate management access is limited to encrypted sessions via TLS, SSH, or SNMPv3, that employ AES 256 bit keys and sophisticated NIST approved passwords. These sessions may be established after authentication via TACACS+ or Radius. Administration and User Logs are available with Syslog. Black•Gate management access is limited to encrypted sessions via TLS, SSH, or SNMPv3, that employ AES 256 bit keys and sophisticated NIST approved passwords. These sessions may be established after authentication via TACACS+ or Radius. Administration and User Logs are available with Syslog. 

Secure Boot, a combination of hardware and firmware, is employed to ensure that the only code executing on the Black•Gate is trusted by Engage.Secure Boot, a combination of hardware and firmware, is employed to ensure that the only code executing on the Black•Gate is trusted by Engage.The signature of each piece of boot software, including firmware drivers, the operating system and applications is validated. Code Signing must be done for upgrades to be implemented.

The Black•Gate installations achieve NERC CIP compliance with a combination of internal and external functions.

The Management interface has the sophistication to implement comprehensive policies and privileges for administrator and user accounts.

Administrator policy includes removal, disabling or renaming.Interoperability with external functions such as Syslog, Network Timing Protocol, TACACS+ and Radius with its support for RSA SecureID delivers trusted compliance.