Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Product Profile - Stratix 5900

    Încărcat de

    Nicolás A. Selvaggio
    90 vizualizări2 pagini
    Product Profile - Stratix 5900

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document
    Product Profile - Stratix 5900

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    90 vizualizări2 pagini

    Product Profile - Stratix 5900

    Încărcat de

    Nicolás A. Selvaggio
    Product Profile - Stratix 5900

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 2

    Allen-Bradley® Stratix 5900™

    Services Router

    Features
    Fully integrated with Cisco IOS, the
    Stratix 5900 uses a wide area network
    (WAN) port and four additional
    Ethernet-ports to help deliver:
    • Highly secure real-time
    control communication
    • Secure routing and firewall capabilities
    • Virtual Private Network (VPN)
    • Intrusion protection capabilities
    • Network Address Translation (NAT)
    • NBAR protocol filtering
    • Access Control Lists (ACL)
    • Quality of Service (QoS)
    for prioritization
    Additional features ideal of industrial
    applications include:
    The Stratix 5900 Services Router, catalog number 1783-SRKIT, combines
    • Extended shock and
    vibration capability
    a number of modern security functions into a single appliance to help
    • DIN rail mount
    protect your Industrial Automation and Control Systems network, not
    only at the perimeter, but also as the cell/zone level. The compact and
    • A temperature range of minus
    25 C to 60 C robust Stratix 5900 Services Router is an industrially hardened, managed
    router that also provides a number of managed switching features. The
    Stratix 5900 can help simplify the network infrastructure and machine
    Configure, Monitor integration by providing a single device to implement VPN, Firewall, NAT,
    and Maintain and many other services. It helps provide a rapidly deployable, reliable
    Stratix 5900 Device Manager and secure solution designed specifically for industrial applications.
    • Web-based graphical device
    management tool
    • Manage and diagnose network issues These capabilities make the services router well suited for:
    • Alarm tools to alert, identify and help
    Site-to-Site Connection – establishes encrypted tunnels between trusted
    solve network problems
    remote Industrial Zones over an untrusted network using a site-to-site
    Stratix Configurator VPN connection
    • PC-based application software for
    device management of IOS-based Cell/Area Zone Firewall – protects Cell/Area Zone from the greater
    Stratix products Industrial Zone by limiting the flow of information and access
    • Easy-to-use configuration wizards OEM Integration – allows OEM providers to define the flow of
    for router, firewall, intrusion
    information and access to their machine from the greater network while
    prevention system (IPS), VPN, unified
    communications, WAN and LAN
    making use of features such as NAT
    configurations
    Cisco Command Line Interface (CLI)
    Applying the Stratix 5900 Services Router
    The control system is no longer an isolated operation. This is a common application for industries where
    As industrial organizations move towards greater equipment that is dispersed across vast distances needs to
    visibility into their operations and advanced analytics, communicate with each other over an untrusted network
    the need to establish a seamless flow of information from to operate a common process.
    device to enterprise becomes extremely important.
    The appliance allows areas or machines within a factory
    An increased need for data gathering within the factory,
    to be isolated from each other. Using a services router
    and connectivity from device to DMZ to remote industrial
    with firewall capabilities allows you to monitor and block
    sites, from manufacturing zone to manufacturing zone,
    an input, output or system call that does not meet the
    all have become a requirement of modern industrial
    firewall’s configured policy. When combined, a VPN and
    networks. With this trend towards the connected
    firewall create a more robust, more secure network.
    enterprise, you now not only have to create a capable
    VPNs can also help create a secure tunnel for
    and reliable architecture, but a secure one as well.
    server-machine communications to protect the transfer
    With the Stratix 5900 Services Router, you can help
    of important data from other machines in the facility.
    protect and secure your industrial control system.
    By creating this segmentation, you are able to harden
    The Stratix 5900 Services Router enables manufacturing your network infrastructure so only the right people
    locations to connect to and communicate with remote and/or equipment can communicate with critical
    outstations. A remotely located machine that needs to production processes and reduce the risks from
    securely talk to a plant-based machine can now do so intentional or unintentional tampering.
    using the VPN and firewall features of the device.

    Enterprise-wide Levels 4 & 5 – Data Center


    Business Systems Enterprise Zones

    Level 3.5 – IDMZ

    Level 3 – Site Operations


    Plant-wide Industrial Zone
    Site-wide
    Operation Systems
    Physical or Virtualized Servers
    • FactoryTalk Application Servers & Services Platform
    • Network Services – e.g. DNS, AD, DHCP, AAA
    • Remote Access Server (RAS)
    • Call Manager
    • Storage Array

    Levels 0-2
    Site-to-Site Stratix 5900 Stratix 5900 Stratix 5900 Cell/Area Zones
    Connection 1) Site-to-Site Connection 2) Cell/Area Zone Firewall 3) OEM Integration

    Module
    Status

    Network
    Activity

    Network
    Status

    Point Bus
    Status

    1734-AENT

    System
    Power

    Field
    Power

    UTM

    UTM
    Module
    Status

    Network
    Activity

    Network
    Status

    Point Bus
    Status

    1734-AENT

    System
    Power

    Field
    Power

    D
    N
    e
    t NET
    MOD
    In Out

    0 15

    1 14 D
    2 13 N
    e
    t NET
    MOD
    In Out

    3 12 0 15
    4 11

    1 14
    5 10 2 13
    6 9

    3 12
    7 8 4 11

    P
    W
    R
    5 10
    X10 X1 6 9

    UTM
    7 8
    Logix5563 EtherNet/IP™
    P
    W
    R
    FORCE
    X10 X1
    AC/DC OUT

    D
    N
    e
    AC/DC OUT

    115 VAC RELAY t NET


    MOD
    In Out
    Module
    Status

    Network
    0 15
    115 VAC RELAY Activity

    Network
    Status

    Point Bus
    Status 1 14
    2 13

    1734-AENT

    System
    Power
    3 12
    Field
    Power 4 11

    5 10
    6 9

    7 8

    P
    W
    R

    X10 X1

    Remote Site Local Cell/Area Local OEM Skid/


    #1 Zone #1 Machine #1

    Site-to-Site Connection: OEM Integration:


    Tunnels the Industrial Zone trusted network Cell/Area Zone Firewall: Provides seamless integration from a machine
    to a remote site over an untrusted network Protects a Cell/Area Zone from builder or process skid builder solution into
    using a site-to-site VPN connection the greater Industrial Zone their customer’s plant-wide / site-wide
    network infrastructure

    Allen-Bradley, LISTEN. THINK. SOLVE., Rockwell Software and Stratix 5900 are trademarks of Rockwell Automation, Inc.
    Trademarks not belonging to Rockwell Automation are property of their respective companies.

    Publication ENET-PP006A-EN-E – Novemeber 2013 Copyright © 2013 Rockwell Automation, Inc. All Rights Reserved. Printed in USA.

    S-ar putea să vă placă și