N-Dimension n-platform 340S Unified Threat Management System Firewall Router Site-to-Site VPN Remote-Access VPN Serial SCADA VPN Proxy Anti-virus SCADA IDS Port Scanner Vulnerability Scanner System & Service Monitor Network Device Control High-Availability Active / Standby Configuration VLAN Support Logging and Reporting NERC-CIP Compliance Reporting All easily managed from a user-friendly graphical user interface The n-platform 340S from N-Dimension Solutions, Inc. is a Unified Threat Management (UTM) appliance that provides a comprehensive suite of network security functionalities in an IEEE-1613 compliant 3U rack-mount form factor that has no moving parts and can withstand harsh environments. The n-platform 340S is the member of N-Dimension s n-platform series of UTM appliances that is ideal for substation deployments. The n-platform 340S, based on the Schweitzer Engineering Laboratories SEL-1102 hardware platform with up to 6 (six) Ethernet ports, facilitates securing environmentally challenging substations or other remote field sites from potential cyber security attacks. This appliance provides a comprehensive portfolio of network and security features that enable critical infrastructure organizations to implement strong security protection for critical control systems and networks, monitor those systems and networks for security vulnerabilities and potential intrusions, collect comprehensive log information about securityrelated actions and events, and generate security reports. Together with N-Dimension s n-central monitoring and reporting appliance, the n-platform 340S can provide a strong foundation for NERC CIP compliance and reporting. The features available in the n-platform 340S are configured via a user-friendly graphical user interface (GUI) or command-line interface (CLI). All rights reserved. 2011 N-Dimension Solutions Inc. Page 1 of 7
All rights reserved. 2011 N-Dimension Solutions Inc. Page 2 of 7
Gateway Mode Gateway mode refers to implementing and protecting connections between networks. The connection between a substation and control center is a critical network interconnection that must be protected in order to defend both substation cyber assets and control center cyber assets. The n-platform 340S gateway functionalities include Routing, Firewall, Anti-Virus, Proxy Filter, Network Device Control, and VPN (including Site-to-Site, Remote-Access, and Serial SCADA). With these features organizations are able to create security zones to protect critical cyber assets and establish electronic security perimeters to control access to these zones. An important feature for field sites like substations is the ability to protect the transmission of data between legacy systems. Many legacy systems in substations communicate with the SCADA control center in clear text format over slow serial links. These communications can be easily tapped into by hackers, and consequently used to manipulate substation systems or even gain access to the SCADA control center. When these communications use slow serial connections, enterprise-grade VPN solutions add too much overhead to be used to protect them. The n-platform s SCADA VPN, based on the emerging IEEE P1711 standard, can encrypt and decrypt this data to ensure integrity and achieve high security standards during the transmission of data between the substations and SCADA control center. The combination of gateway security features that the n-platform 340S provides enables organizations to improve the protection of their critical infrastructure. Protecting the Control Network and Substation Networks from cyber security attacks using Router, Firewall, Proxy, Anti-Virus, Site-to-Site VPN, SCADA VPN, and Network Device Control features. All rights reserved. 2011 N-Dimension Solutions Inc. Page 3 of 7
Monitoring Mode Monitoring mode refers to monitoring network traffic and checking for any abnormalities that may cause instability of the interconnected infrastructure. The n-platform 340S enables organizations to protect their critical assets by monitoring their electronic security perimeters for any indicators of potential cyber security attacks. This is achieved by the combination of SCADA Intrusion Detection System (IDS), Vulnerability Scan, Port Scan, Availability monitor, and Performance Monitor. The 5,000+ IDS sensors in n-platform, including sensors designed for SCADA systems, scan network packets for intrusion signatures. When a match is found, an alert is sent via e-mail and/or e-pager for immediate action. Vulnerability and Port Scans are critical in protecting against cyber security attacks because they help the organization find open backdoors to the network. Availability and performance monitoring can reduce the burden for IT and Operations administrators in recognizing and troubleshooting network and systems performance problems. Monitoring the Substation for potential cyber security attacks using SCADA IDS, Vulnerability Scan, Port Scan, System and Service monitoring features. Other Features The n-platform 340S can be integrated with the organization s SCADA system to report security system status on a SCADA console. VPN access and administrative access can by controlled by LDAP and Microsoft Active Directory. The High-Availability configuration allows n-platforms to operate in an activestandby configuration to ensure reliability for critical functions in the operating environment. The n-platform 340S can be used as a DNS server, DHCP server, and NTP servers. All features provide comprehensive logging capabilities to enable troubleshooting and address compliance reporting. All rights reserved. 2011 N-Dimension Solutions Inc. Page 4 of 7
FRONT PANEL VIEW REAR PANEL VIEW All rights reserved. 2011 N-Dimension Solutions Inc. Page 5 of 7
FRONT PANEL VIEW REAR PANEL VIEW All rights reserved. 2011 N-Dimension Solutions Inc. Page 6 of 7
TECHNICAL SPECIFICATIONS Model Schweitzer Engineering Laboratories SEL-1102 Processors Mobile Intel Pentium M Processor (1.4 GHz, 400 FSB) Cache Memory 1MB Level 2 cache Chipset Intel 855GME Chipset Memory 1GB ECC DDR Network Interface 1 Fast+ 10/100Mbps; Fiber Optic or Copper Network Interface 2 Fast+ 10/100Mbps; Fiber Optic Additional Network Interfaces 2 x 10/100Mbps Copper (Maximum of 2 additional Copper Ethernet Ports allowed) Storage Controllers Intel ICH4-M, UDMA 33/66/100 Fixed Storage 8GB Compact Flash (Primary) + 8GB Compact Flash (Secondary) Interfaces PS2 Keyboard x 1, PS2 Mouse x1, DB15 Video x 1, USB x 4, EIA-232 x 1 Form Factor 19" Industrial Rack-mount or Panel-mount (3U) Power Supply CE Mark Compliant; 24/48 Vdc; 48/125 Vdc or 120 Vac; 125/250 Vdc or 120/240 Vac System Fans None Power Connection Industrial direct wire connection Rack Dimension (H x W x D) - 5.22 x 18.31 x 10.40 in (13.26 x 46.51 x 26.41 cm) Rack Weight 11 lb (5kg) Operating Temperature -40 to 75 C (-40 to 167 F) Operating Humidity 5 to 95% relative humidity (Rh) Hardware Warranty 10 Years Limited Worldwide HARDWARE OPTIONS SOFTWARE OPTIONS Network Interfaces Power Supply Mounting Two (Port 1 & 2); Four (Port 1 to 4); Six (Port 1 to 6) 24/48 Vdc; 48/125 Vdc or 120 Vac; 125/250 Vdc or 120/240 Vac Horizontal Rack Mount; Horizontal Panel Mount Monitoring Option Pack Gateway Option Pack HA Option Pack Software Support SCADA Intrusion Detection, Port Scanner, Vulnerability Scanner, System & Service Monitors, Static Routing, Admin Firewall, NTP Server, SCADA Integration, VLAN Support, Comprehensive Logging & Reporting, Email & Pager Alerting, LDAP & AD User Management All Monitoring options plus Stateful Firewall with NAT, Site-to-Site IPSEC & SSL VPN, Remote Access IPSEC & PPTP VPN, Device Monitoring, Anti-virus, Proxy, DNS & DHCP Server; SCADA VPN in Q2 2011 All Gateway options plus support for high-availability active-standby mode Annual Maintenance Subscription Available in one (1), two (2), or three (3) years Specifications subject to change without notice. Subscription additional. About N-Dimension Solutions Inc. N-Dimension Solutions Inc. is a leader in Cyber Security solutions for the Power & Energy market. N-Dimension develops products and solutions to assist critical infrastructure organizations to protect their Control Systems and Information Systems and to achieve compliance with industry-specific regulatory standards such as the NERC CIP standards. N-Dimension and its industry-leading business partners are actively assisting utilities around the globe with cyber security protection for their portion of the Smart Grid. N-Dimension Solutions Inc. 9030 Leslie St. Unit 300 Richmond Hill, Ontario L4B 1G2 CANADA Telephone: +1.905.707.8884 Toll-Free: +1.866.837.8884 Fax: +1.905.707.0886 Email: sales@n-dimension.com Web: www.n-dimension.com All rights reserved. 2011 N-Dimension Solutions Inc. Page 7 of 7