Schweitzer Engineering Laboratories, Inc. (SEL) announced enhancements to the SEL-3620 Ethernet Security Gateway, SEL’s firewall and access control solution for substations and industrial environments.
The upgrade adds centralized, user-based access controls to serial intelligent electronic devices (IEDs), Ethernet IEDs, and critical protection devices downstream of the SEL-3620, and does so without disturbing existing configurations or requiring infrastructure upgrades. It generates complex passwords and adds automatic password management that supports regular IED password changes on a user-configurable schedule or on a triggered basis.
Because the SEL-3620 is device-aware, it knows all accounts and password requirements for each protected IED. The SEL-3620 generates audit reports that detail password changes and user actions, including every command a user sends to any device. Now users can add centralized user-based account access controls and obtain detailed user activity reports on critical protection devices without costly firmware upgrades or product replacements.
The SEL-3620 authenticates any incoming connection to a specific user, then transparently allows connections to any device the user is authorized to access. Once authenticated to an organization’s centralized account infrastructure, the user only needs to log in once and no longer has to know the IED passwords. The SEL-3620 proxies their connection to the downstream IED, while time-stamping and logging each action for accountability purposes (AAA proxy).
The SEL-3620 is available now for only $3,300, and the enhancements are free for any SEL-3620 already owned. Automatic password management and proxy services are included in the base price. The
SEL-3620 supports NERC CIP requirements for regular IED and relay password changes and complex password enforcement, and is ideally suited for engineering access applications.
Schweitzer Engineering Laboratories, Inc. (SEL)
Filed Under: Networks • connectivity • fieldbuses
Tell Us What You Think!