magnum dx940 configurable industrial...
TRANSCRIPT
Features• Four network interface types
in one industrial unit: - Ethernet copper or fiber,
100Mb or Gb - T1 /E1/DDS WAN - 3G Cellular wireless - Serial RS232/RS485
• Hardened to substation EMI/ESD specs and -40° to +85° Cwith no fans
• Modbus TCP and ModbusASCII/RTU internetworking
• Network cyber security andmanagement security includ-ing IPsec, VPN, SSL andfirewall
• Panel, DIN-Rail or rack mount-ing with integral CSU/DSUand power supply
The versatile Magnum™ DX940 Configurable Industrial Router combines WANaccess, IP routing, Ethernet switching, Serial-to-IP terminal services and advancedsecurity features in a small-footprint industrial package suitable for small and mid-sized remote sites such as electrical substations, renewable power generation facili-ties and transportation control pedestals. With 3G wireless capability, as well asconfigurable port options for 10/100 and 1Gb copper and fiber media, the DX940secure access even where wireline is too difficult or too expensive to deploy.
Magnum™ MNS-DX – Managed Network Software (MNS) for Magnum DXfamily of routers provides the functionality needed by industrial routers. A full rangeof routing software along with security features enables the Magnum DX940 routerto perform efficiently in harsh industrial environments. A flexible integrated proto-col analyzer provides remote trouble shooting. Advanced statistics provide detailedtraffic analysis.
The configurability of Magnum DX940 extends to MNS-DX software featuresas well. A licensed software key unlocks additional features for extra security andadvanced routing Extra security features such as IPSec/VPN, firewall, RADIUS,syslog and other security capabilities can be added to MNS-DX via MNS-DX-SE-CURE, which also provides IP firewall features including address/port inspection/filtering; VPN connectivity over IPsec with strong 3DES and AES encryption andboth shared key (PSK) and X.509 certificates. VPN’s comply to various IPSec/VPNstandards and have proven interoperability with other industry standard VPN de-vices. Cyber security capabilities cover both electronic perimeter protection for re-mote sites and management security for the DX940. Advanced statistics and eventrecording are available with downloadable local logs, SNMP MIBs and traps, andsyslog remote logging. Advanced routing capabilities such as OSPF and BGP areadded to MNS-DX using the MNS-DX-ADVAR.
Adding Serial ports enables Serial-IP terminal services via RS232, RS485 andRS422 serial interfaces as well as protocols such as DNP, telnet and Modbus, includ-ing Modbus-ASCII/RTU to Modbus-TCP interworking. With MNS-DX-SECURE, serialdevices can tranmit data securely using Serial-SSL using well proven, robust encryp-tion methods.
The DX940 is purpose built for extremely harsh environments such as powerutility substations. The DX940 meets IEEE 1613 and IEC 61850-3 specifications forEMI/ESD protection and operates at -40 to +85° C without open vent holes or fans.Hard metal packaging is standard and conformal coating for protection againstmoisture and corrosion is also available.
The DX940 is 9" by 9.5" and one 1.75" rack unit deep, with mounting optionsfor panels, DIN rails or 19" or 23" or ETSI racks. Integration of wide-input auto-ranging power supplies and of telco-compatible CSU/DSU functionality into thebase DX940 product further reduces space requirements & local wiring complexity.
Magnum DX940Magnum DX940 Configurable Industrial Router
Magnum DX940 Configurable Industrial RouterSpecificationsSpecificationsCONFIGURABLE PORTSFour 10/100 Ethernet ports Four 10/100 Ethernet ports configured as autonegotiating RJ45 copper portsFour 100M SFP Ethernet ports SFP fiber modules available as 100Mb fiber(multi-mode and single-mode.) Single-mode up to 40Km. Multi-mode up to2KmTwo Gigabit Ethernet portsTwo 10/100/1000 Copper ports or two Gigabit SFP sockets for Gigabit fiber viaGb SFP’sFour Serial DB9 ports RS232/RS485 software selectable DB9 interface. Serialdata rate from 300 bps to 230.4 kbps. Data length - 1-32 bits.WAN Ports DDS: 56/64 kbps OR T1/E1: 1.544 Mbps / 2.048 Mbps G.703; Fullrate and fractional (N*56/64kbps); Integral CSU/DSUCellular Wireless Data Access 3G EVDO REV A, EVDO, CDMA,; Frequency –1900MHz/800 MHz; supports antenna diversity
NETWORK STANDARDSIEEE 802.3z, 802.3ab, 802.1p: 100BASE-TX, -FX, 1000BASE-SX, -LX,IEEE 802.3u: Auto-negotiation on TPIEEE 802.3x, 802.1p: flow control and prioritizationIEEE 802.1Q: VLANs, maximum 32 VLANsIEEE 8021.1d, 802.1w: Spanning Tree, Rapid Spanning Tree including RSTP2004 extensions providing sub-second hop on ringsIEEE 802.1p: DiffServ, traffic prioritization for routed IP flows/ports
SERIAL PROTOCOLSAsync to TCP/IP – including Modbus gateway for connectivity to serial Modbusdevices and to other Modbus Ethernet devices; TCP/IP to serial terminalserver, reverse terminal server; Serial Multipoint and Multimaster Topologies;PPP with authentication
SOFTWARESee MNS-DX data sheet for details on MNS-DX-DECURE and MNS-DX-ADVARlicensed software
MANAGEMENT & DIAGNOSTICSEase of use: Web-based Graphical User Interface (GUI) or CLI access remoteSSH or TELNET connectionPowerful built-in protocol analyzer to assist with trouble shootingOther: Comprehensive statistics, SNMP MIB II and SNMP Traps, RoutingInformation, DHCP, ARP and other tables.
ENVIRONMENTAL MONITORINGAlarm Port: Relay contacts for alarms, Form C, two NC/NO, software controllable
OPERATING ENVIRONMENTIEC 60068 Op. Temp. per “Type Test” -40° to 185°F (-40° to 85°C)UL 60950 “Component Parts” temperature rating: 140°F (60°C)Storage: -40° to 185°F (-40°to 85°C),Ambient relative humidity: 5% to 95% (non-condensing)
POWER OPTIONSHigh Voltage (H): 90-250 V AC or DC, 50-60Hz, 0.3A, 27 WLow Voltage DC (L): 24-48 V DC, 1.3A, 31 W
MECHANICALDimensions: 9.5" W x 9.0" D x 1.75" H (24.13 cm x 22.86cm x 4.45 cm);Optional 19 inch Rack Mount, 1 RUWeight: 5 lbs (2.3 kg)Mounting: 19” ETSI and 23” Rack, Panel Mount and DIN-Rail
AGENCY APPROVALS AND STANDARDS COMPLIANCESafety: UL 60950-1, cUL, EN60950–1, CSA C22.2, Emissions meet FCC Part15, Class A. IEEE 1613 Class 2 Environmental Std., IEC 61850-3, IEC 61000-6-5 for Electric Power Substations, NEMA TS-2 for traffic controlImmunity: EN55024, EN61000-6-2, EN61000-4-2 (ESD), EN61000-4-3 (RF),EN61000-4-4 (EFT), EN61000-4-5 (SURGE) EN61000-4-6 (CRF), EN61000-4-10 (MAG FIELD), EN61000-4-11 (VDI), EN61000-4-12 (OSCILLATION),
EN61000-4-16 (CCM), EN61000-4-17 (RIPPLE), EN61000-4-29 (VDI)
WARRANTY:Three years Made in USA
©2010 GarrettCom, Inc. Printed in United States of America Doc No. DX940 03/10GarrettCom, Inc. reserves the right to change specifications, performance characteristics and/or modelofferings without notice. GarrettCom is a registered trademark of GarrettCom Inc. Magnum, Dymec,DynaStar, S-Ring, and Link-Loss-Learn are trademarks of GarrettCom, Inc. NEBS is a registered trademarkof Telcordia Technologies. UL is a registered trademark of Underwriters Labs.
GarrettCom, Inc.47823 Westinghouse Drive
Fremont, CA 94539PH: (510) 438-9071FAX: (510) 438-9072
Email: [email protected]: www.GarrettCom.com
• Graphical User Inter-face (GUI) and CLI
• Cyber Security fea-tures: firewall, IPSec,VPN, authenticationand encryption
• Redundancy features:routing, RSTP, VRRP,BGP, OSPF
• Built-in protocol ana-lyzer for easy troubleshooting
• Supports all MagnumDX platforms and con-figurations
Magnum™ Managed Network Software for Magnum DX family of routers (MNS-DX) provides thefunctionality needed by industrial routers. A full range of routing software along with security andredundancy features enable the Magnum DX routers to perform efficiently in harsh industrial environments.MNS-DX includes features needed to connect a variety of different devices and interface types to arouted network.
MNS-DX includes capabilities such as• Ethernet ports can be configured as switched ports or routed ports or combinations• Serial ports can be software configurable as RS232 or RS485 ports• WAN configuration provides the necessary menus to configure a T1/E1 or DDS circuits• Cellular Wireless Data Access over 3G EVDO cellular networks• RSTP supports RSTP-2004 (802.1w) & STP (802.1d), provides resilient Ethernet networks• Routing features support RIP and RIP-II for routed ports and VLANs. OSPF and BGP is in MNS-DX
ADVAR• VRRP – Virtual Router Redundancy Protocol provides router redundancy for Ethernet LAN devices• DHCP Server and Client – provides DHCP services or queries for IP addresses• Remote Access for secure administration is via SSH and optionally via telnet• VLANs (802.1q) supports tagged based VLANs as access VLANs or trunk ports. Trunk ports allow
filtering of unauthorized VLANs• SNMP supports v1, v2 and v3 – for managing the device using Network Management Systems• Event log locally stored provides a log of the most recent events. Syslog is in MNS-DX-SECURE• SNTP provides time synchronization with NTP/SNTP servers• PPP allows an asynchronous dial in backup connection over an analog modem or framing for DDS• Modbus interoperability over Ethernet or serial ports (RS232 or RS485). Modbus Gateway (MODBUS/
TCP) and Modbus-ASCII/RTU interworking, DNP and serial-IP raw mode for serial ports• QoS prioritzation to traffic using QoS and DiffServ tags across a network, and across a WAN port• Maintenance: MNS-DX stores different configuration files locally or on a remote server which allows
falling back to a different configuration easily• Trouble shooting is made easy with a built in protocol analyzer
MNS-DX-SECURE adds extra security features such as IPSec, VPN, firewall, encryption and authenticationneeded for industrial cyber security. Extra Security features are unlocked via a licensed software key. IPfirewall includes address/port inspection/filtering. VPN connectivity over IPSec with strong industry standardencryption with shared keys (PSK) and X.509 certificates provide robust secure access. VPN’s comply toIPSec standards and have proven interoperability with industry standard VPN devices. Managementsecurity includes encrypted interfaces multilevel userIDs with strong-form passwords and authenticationvia RADIUS. Serial data is encrypted using Serial SSL capabilities included in MNS-DX-SECURE.MNS-DX-SECURE features include
• VPN and Key Management - proven interoperability and conformance to industry standards• Firewall provides stateful firewall rules for traffic flows or for IP streams or ports• RADIUS provides management authentication via a RADIUS Server• Login Banner configurable banner maessage before login to deter unauthorized users• Secure Serial SSL connectivity allows serial devices to encrypt data• Syslog enables logs to be collected by syslog servers for security analysis• SSH Port Forwarding allows secure access to less secure devices on the network• Security certificate management allows a user to manage signed certificates
MNS-DX-ADVAR adds advanced routing options such as OSPF, BGP. Advanced Routing featuresare unlocked via a licensed software key.
MNS-DX provides the reliability, security and robustness needed in industrial routers. Tocomplement the Magnum DX substation-hardened hardware capabilities, MNS-DX providesindustrial strength software capbilities for reliable, secure industrial networks.
Managed Networks Softwarefor Magnum DX RoutersMagnum MNS-DXMagnum MNS-DX
Managed Network Softwarefor Magnum DX Routers
GarrettCom, Inc.47823 Westinghouse Drive
Fremont, CA 94539PH: (510) 438-9071FAX: (510) 438-9072
Email: [email protected]: www.GarrettCom.com
Ease-of-use features: GUI operations and simple to use GUI configuration options, e.g.
User accounts, Export configurations, load new image, time synchronization etc. The ease
of use features include wizards
Serial Ports: Async to TCP/IP – including Modbus, terminal services and PPP with authentication
WAN Ports: MNS-DX supports the necessary WAN configurations options for configuring
DDS and T1/E1
Cellular: Provides the necessary configuration for Wireless Data Access over 3G EVDO
cellular networks
IP Routing: RIP, RIP II as per RFC 1058, RFC 1388, Sec 3.3 RFC 1723, RFC 2453
CLI (Command Line Interface): CLI for the Magnum DX’s console port, offers a rich set of
commands, including Tab Key Help feature, through a VT100 character terminal or equivalent
emulation
VRRP (Virtual Router Redundancy Protocol): VRRP defines a virtual router as the default
router for a LAN segments. MNS-DX supports VRRP as per RFC 3768
NAT/PAT: NAT and PAT allow different devices to communicate using a single or multiple IP
addresses. NAT/PAT as per RFC 1631 and RFC 2663
DHCP Server: DHCP Server manager IP address space for devices requesting IP address
using DHCP. DHCP server as per RFC 2131
DHCP Client: DHCP client makes a request for IP address and other IP information from
DHCP servers present on the network. DHCP client as per RFC 2131
STP (Spanning Tree Protocol), IEEE 802.1d: Provides interoperable support for redundant
paths and connections while preventing loops in the network
RSTP (Rapid Spanning Tree Protocol), IEEE 802.1w: RSTP includes RSTP-2004. Similar to
STP(IEEE 802.1d) but faster in changing interconnection direction. Used in conjunction with
Magnum 6K switches for redundant rings and meshes of managed switches and routers.
Industry standard compliant for interoperability.
VLANs, IEEE 802.1q: Users may configure VLANs for traffic segmentation. MNS-DX
provides capabilities for the DHCP server to assign IP addresses to segments defined by
VLANs. Physical ports can be defined as access ports or trunk ports. Trunk ports can filter
out unauthorized VLANs
SNTP (Simple Network Time Protocol): Automatically synchronizes the Magnum DX’s
internal clocks with other devices on the LAN, handling time-zones worldwide as well as
time changes for Daylight Savings. SNTP is per RFC 1769 and RFC 2030
Event Log: System events are recorded in a log locally, enabling the system manager to
track and analyze what has happened within the Magnum DX system operations
Modbus: MNS-DX implements the Modbus specifications for connecting Modbus devices –
whether they are over a serial connection on Magnum DX Serial ports or other Modbus
devices on Ethernet. MNS-DX implements the Modbus gateway functionality
SNMP (Simple Network Management Protocol) v1, v2, v3: Provides basic network
management by using agent software in the Magnum 6K that collects and saves pre-
defined data, and responds to queries and commands from a network manager station. v1
is implemented per RFC1155, RFC1157, RFC1212, RFC1213 (MIB II), Bridge MIB RFC1493,
and RFC1757 plus security enhancements. v2 is per RFC 1901-08. v3 provides encrypted
authentication & access security and is per RFC 2271-75. All are supported by TCP/IP and
UDP/IP
PPP (Point to Point Protocol): PPP allows a modem to initiate a connection to
remote networks using a dial up line. PPP over WAN provides framing services for
DDS circuits. PPP compliant to RFC 1334 and RFC 1661
MNS-DX-SECURE – Extra Security – licensed software features for MNS-DX or
MNS-DX-ADVAR
MNS-DX-SECURE includes all the capabilities of MNS-DX, plus
VPN: VPN provides a secure connection to another remote location over a public
network such as the Internet. Magnum DX router IPSec VPN has proven interoperability
with other VPN devices. VPN implementation as per RFC 2401- 2410, RFC 4302, RFC
4303, RFC 2451, RFC 3602, RFC 4868. Encryption methods include Diffie-Hellman
Groups 1,2,5,14 crypto; DHE with PFS; DES; 3DES; Blowfish-CBC; AES-128; AES-
192 and AES-256. Authentication mechanisms include HMAC-MD5-128, HMAC-
SHA1-160, MD5, SHA1, SHA-224, SHA-256, SHA-384, SHA-512. Multiple tunnels
can be setup for multiple source-destination pairs. VPN tunnels conform to the IPSec
protocol.
RADIUS: Provides authentication to Magnum DX router via a RADIUS server.
RADIUS conforms to RFC 2865 and RFC 2866
Security Certificates: allows management of security certificates
Key Management: Internet Key Exchange (IKE) and Pre-shared Keys (PSK) conform
to RFC 2409
Serial SSL connectivity: Serial Port SSL VPN provide secure communications for
devices connected to serial ports.
SSH port forwarding for secure access to other less secure devices using SSH
tunnels
Syslog: Syslog provides log centralization using the Syslog protocol. Syslog is conformant
to RFC 3164
MNS-DX-ADVAR – Advanced Routing – licensed software features for MNS-DX
or MNS-DX-SECURE
MNS-DX-ADVAR includes all the capabilities of MNS-DX plus
BGP (Border Gateway Protocol): BGP is a core routing protocol commonly used by
large networks to manage routing and other polices based on IP blocks. BGP as per
RFC 4271
OSPF (Open Shortest Path First): OSPF is a dynamic routing protocol used by
routers and provides fast recovery. OSPF as per RFC 2328
©2010 GarrettCom, Inc. Printed in United States of America Doc No. MNS-DX 03/10GarrettCom, Inc. reserves the right to change specifications, performance characteristics and/ormodel offerings without notice. GarrettCom is a registered trademark of GarrettCom Inc.Magnum, Dymec, DynaStar, S-Ring, and Link-Loss-Learn are trademarks of GarrettCom, Inc.NEBS is a registered trademark of Telcordia Technologies. UL is a registered trademark of Un-derwriters Labs.
Ordering Information
MNS-DX – Included with all Magnum DX routers
MNS-DX-SECURE – includes all features of MNS-DX and adds extra security features
MNS-DX-ADVAR – includes all features of MNS-DX and adds advanced routing features
MNS-DX-MAINT – Annual maintenance for software updates for one Magnum-DX router
for one year. Includes MNS-DX, MNS-DX-SECURE and MNS-DX-ADVAR as applicable
SpecificationsSpecifications