VCL-5000: Firewall, Router and Encryption Equipment
Valiant’s VCL-5000 is an integrated router and firewall equipment with extremely advanced features that may be installed to secure critical infrastructure such as Sub-Stations, Smart Grid Distribution Systems, Airport and Railway IT Networks as well as Financial Infrastructure such as Banks and Payment Processing Gateways.
Access to VCL-5000 is password protected with advanced firewall capabilities that meet and exceed NERC as well as all mandatory requirements of Password Protection and Control as provided in the GR-815-CORE-2 specifications.
Wide Operating Temperature Range: -4°F ~ 149°F (-20°C ~ 65°C)
Suitable for installation in sub-stations, SCADA and industrial networks / harsh environments
Wide range of power supply options which includes, 24VDC, 48VDC, 110VDC, 250VDC and 90~240VAC 50/60Hz
Inclusion Policy - Access Control based upon White List IP addresses, MAC address and IP Domain
Exclusion Policy -Access Control based on Black List
Continuous monitoring of the TLS connection to nullify MitM attacks
Resistance to Denial of Service (DoS) Attack
Non-volatile Access Log with capability to "fingerprint" all successful and failed log-in attempts and keep a log of the IP addresses of all successful and failed logins / login attempts
SNMP trap generation, along with LED and external alarm indication
Password Protection with password strength monitor
SSH (Secure Access Control) with encrypted password protection.
VCL-5000 offers a wide range of VPN technologies ranging from modern SSL VPN’s to well known IPsec and also legacy options such as L2TP and PPTP. Site-to-Site and road warrior setups are possible and with the integrated OpenVPN client exporter, the client can be configured within minutes.
Firewall - Features and Capabilities:
Deep Packet Inspection
Point-to-Point Data encryption between two terminals
Point-to-Multipoint - Data encryption / VPNs between multiple RTU Terminals and the IEC 60870-5-104, DNP server(s) and C37.118 PMU data between substations and Load Dispatch Centres / SCADA Management and Rail Traffic Control Centres
Port (Soft) based
IP Address based
IP Domain based
White List and Black List options
White List Exception allowed and Blocks all other traffic by default (system default mode)
Black List Exception blocked and Allows all other traffic by default
Two-factor Authentication throughout the system
Forward Caching Proxy (transparent) with Blacklist support
Virtual Private Network (site to site & road warrior, IPsec, VPN & legacy PPTP support)
High Availability & Hardware Failover (with configuration synchronization & synchronized state tables)
Intrusion Detection and Prevention
Build-in reporting and monitoring tools including RRD Graphs