Sunteți pe pagina 1din 2

ASAT Solutions Inc.

#8 2121 29th Street NE


Calgary, AB., Canada T1Y 7H8
Phone: +1.403.569.1680
Fax: +1.403.569.1620
www.ASATsolutions.com
DAPguard Application
Authentication
To Central server and/or
To local authentication server
Authorization
Multi-level user access
Audit
Logging of User/device access
DAPguard is a substation security application that provides secures remote access to the
substation devices. With its capabilities in authentication, authorization and data logging
for audit trail, DAPguard provides the confidence the utilities need to deploy a
system-wide approach for connecting substation devices to enterprise applications.
What does the DAPguard substation security application do?
Limit or grant remote access to your substation devices in a secure manner
Compliance to the North American Reliability Corporations Critical Infrastructure
Protection (NERC CIP) requirements
Secure file transfer of substation data to utility enterprise applications
Log of user and device access for auditing purposes
Integrate seamlessly with your existing IT infrastructures
DAPguard is a software application in the DAP software suite, that runs on our
DAPserver and DAPmini substation data management units.
DAPguard
TM
Features
Authentication, Authorization, Audit-trail (AAA)
Linux security hardened operating system
Built in Linux Firewall
secured network tunnel - SSH/SSL/TLS
RADIUS and LDAP support
Local and central user directory administration
Configurable User/group privileges
Disable unused ports and services
On demand revoke of user remote access privileges
Intelligent Technologies, Smart Substations

ASAT Solutions Inc.


#8 2121 29th Street NE
Calgary, AB., Canada T1Y 7H8
Phone: +1.403.569.1680
Fax: +1.403.569.1620
www.asatsolutions.com
Use Case 1
Scenario:
Remote access to substation system and IEDs is needed by substation engineering,
maintenance and other utilities staff. Central security or access server is not available. Securing
point of access and NERC CIP compliant is a must.
Solution:
Integrate IEDs using DAPserver with DAPguard application in substation. In this case,
DAPguard runs a local LDAP or RADIUS server, and functions as an independent substation
security gateway to manage access control and secure data exchange.
Use Case 2
Scenario:
The existing D20 RTU is acting as the data concentrator and point of access to substation.
Central security or access server is not available. Securing point of access and NERC CIP com-
pliant is a must.
Solution:
Add DAPmini with DAPguard application to the D20 RTU. In this case, DAPguard runs a
local LDAP or RADIUS server, and functions as an independent substation security gateway to
manage access control and secure data exchange.
Use Case 3
Scenario:
Remote access to substation system and IEDs is needed. A central security or access server is
currently in operation, or will be incorporated in the future. However, substation level security
gateway is also needed.
Solution:
Integrate IEDs using DAPserver with DAPguard application in substation. DAPguard
supports most Linux or Windows based central security server. In this case, DAPguard
coordinates with the central security server to conduct authentication and authorization. Should
the central security server become unavailable, DAPguard will function as the backup security
server to maintain the integrity of the electronic security perimeter.
DAPguard
TM
DAPserver
DAPmini with
D20 RTU*
*D20 RTU is a product of GE Erngy