SEL-3610 Port Server
The SEL-3610 Port Server is an EIA-232, EIA-422, or EIA-485 serial-to-serial and Ethernet-to-serial cryptographic port server. The SEL-3610 increases the amount of available serial ports to communications processors and computers, and allows serial products to communicate securely through Ethernet networks. The Port Server tunnels serial data over an Ethernet connection using Secure Shell (SSH), Telnet, Modbus®, or raw Transmission Control Protocol (TCP) encapsulation. The SEL-3610 provides highly flexible serial and Ethernet port mappings, and can filter based on which connections listen or transmit. The device can be configured to establish virtual bonds between one or more logical Ethernet ports and one or more physical serial ports. The SEL-3610 supports enhanced security, enabling you to protect critical cyber assets with strong multifactor authentication technologies, such as RSA SecurID®, using Remote Authentication Dial-In User Service (RADIUS).
The SEL-3610 supports NERC CIP v3 and v5 compliance efforts without needing Technical Feasibility Exceptions (TFEs). The SEL-3610 resists known and unknown malware attacks with exe-GUARD™ embedded antivirus technology. Powerful rootkit resistance, embedded Linux® mandatory access controls, and process whitelisting help mitigate attacks against the Port Server itself and eliminate costly patch management and antivirus signature updates.
The SEL-3610 supports SEL-5827 Virtual Connect Client and SEL-5828 Virtual Port Service software. These applications are provided free by SEL to make remote SEL-3610 ports available for existing software and terminal applications on your PC, including those using Modbus TCP/RTU.
- Serial Port Expansion
Add 17 remote serial ports to computers and SEL-3530 Real-Time Automation Controllers (RTACs) via Ethernet connections. Restrict all access to unconfigured logical and physical ports.
- Master Port Functionality
Configure a serial or Ethernet port as a master port for secured, authenticated access to devices connected to the SEL-3610 Port Server. The SEL-3610 logs user access to connected devices for greater security and accountability.
- Highly Configurable Serial Mappings
Provide highly granular network configurations with a variety of serial-to-serial, serial-to-Ethernet, point-to-point, and point-to-multipoint mappings. Filter data based on which connections listen or transmit.
- Centralized Authentication
Manage user accounts and group memberships centrally using Lightweight Directory Access Protocol (LDAP)-accessible systems, such as Microsoft® Active Directory®, or use RADIUS. Using RADIUS allows you to enhance security with multifactor authentication, such as RSA SecurID.
- Seamless Modbus RTU to Modbus TCP Conversion
Configure the Port Server to act as a Modbus protocol transceiver, and allow Modbus serial devices to communicate with Modbus TCP products. Modbus conversions are applicable in one-to-one and one-to-many architectures.
- Centralized Logging
Track actual or attempted access to the SEL-3610. Log and store up to 60,000 configuration settings, changes, and events locally, or send unlimited logs remotely with Syslog.
- Accurate Time Synchronization
Synchronize timing information from the SEL-3610 using IRIG-B for synchrophasor-accurate timing and Network Time Protocol (NTP) over Ethernet for granular logging and event timing.
- Exe-GUARD Whitelist Antivirus
Protect against known and unknown malware with embedded whitelist antivirus. Reduce patch cycles and resist zero-day attacks without additional settings.
- Virtual Software Client Support
Transform unsecured serial or legacy Ethernet communications on Windows® computers to cryptographically secure channels by using SEL-5827 Virtual Connect Client or SEL-5828 Virtual Port Service software. These applications are provided free by SEL to make remote SEL-3610 ports available for existing software and terminal applications on your PC, including those using Modbus TCP/RTU. Data are secured using SSH with SEL-3610 port groups, Master Ports, and serial ports.
Automate Modbus RTU to Modbus TCP Conversion.
Use Remote Datastream Diagnostics with Sniffer Ports.
Use Easy Web Management.
Use Centralized Authentication With LDAP.
Provide Substation Time Synchronization.
Easily Gather Events from Remote Devices.
Build Highly-Configurable Serial Port Mappings.
Bridge Ethernet Ports.
SEL University Training
- APP 3620: Sensible Cybersecurity Using the Ethernet Security Gateway
To effectively mitigate evolving cyberthreats, the cybersecurity posture of the modern substation must be aligned with modern defense-in-depth strategies. APP 3620 is designed to bridge the gap between foundational cybersecurity competencies and practical application.
- COM 203: SEL Cybersecurity Best Practices for Critical Infrastructure
If modern substation design is implemented poorly and lacks adequate cybersecurity, it can be vulnerable to cyberattack and exploitation. A lack of cybersecurity will eventually lead to decreased power system reliability. Cybersecurity is a key component of enhanced power system reliability and operation.