Stratix 5900: The Security-Focused Managed Switch Your Network Needs

Modern network devices must secure, protect, and ensure operational continuity while simply facilitating the network. Cybersecurity is paramount, even in industrial environments. The Stratix 5900 from Allen-Bradley is one such drive that answers these questions. It is not just another managed switch—it’s a secure and intelligent network device for protecting and optimizing the industrial automation system. This article provides a brief summary of this product’s potential role in industrial networks.

Overview of the Stratix 5900

The Stratix 5900 is an industrial-grade router for secure and reliable data transmission. The router supports various Ethernet protocols and can bridge or route multiple protocols into local area networks (LANs) and wide area networks (WANs). The device has increased network connectivity with several Fast Ethernet (10/100) and Gigabit Ethernet ports. However, the ultimate selling point of the Stratix 5900 is its emphasis on security. It has integrated VPN (Virtual Private Network) and firewall capabilities for cyber threats and/or unauthorized access.

Core Security Features of the Stratix 5900

Integrated Virtual Private Network (VPN)

The VPN functionality provides encryption for remote communication, making interaction over the Internet and other untrusted networks safe. This capability becomes integral for industries where machinery and equipment are spread over large geographic areas.

• IPsec VPN ensures that the traffic between the remote devices and the control system is encrypted, thus preventing unauthorized access and ensuring that data remains untampered during transmission.
• SSL (Secure Sockets Layer) VPN is an alternative option for secure communication. It is typically used to access web-based applications or secure connections from mobile devices.

SPI Firewall

The Stratix 5900 has a State Packet Inspection Firewall to manage and filter traffic. Where the traditional firewalls simply block or allow traffic based on preset rules, an SPI firewall tracks the state of active connections to make decisions based on the context of traffic.

The SPI firewall of the Stratix 5900 is responsible for the following.

• Monitoring of the incoming and outgoing network traffic with respect to the security policies.
• Identifying and blocking unauthorized access.
• Protecting the network perimeter by only allowing legitimate traffic.

Intrusion Prevention System (IPS)

The Stratix 5900 has an integrated Intrusion Prevention System that searches for attack patterns in network traffic. This feature is important as it protects against both known and emerging threats.

• The IPS scans and detects if there are any common attack signatures like malware or denial-of-service (DoS) attacks and automatically blocks harmful traffic.

Access Control Lists (ACLs)

Access Control Lists specify which type of traffic that will be allowed or denied within the network. The Stratix 5900 allows administrators to configure ACLs that:

• Define which user or device can access which network resources.
• Provide control over allowed communication types.
• Ensure that only the authorized devices are granted access.

Protocol Filtering and Quality of Service (QoS)

Network Address Translation (NAT) and NBAR protocol filtering are two embedded features on the Stratix 5900. These technologies help in monitoring and filtering traffic and prioritize it based on protocol types. With QoS capabilities, the Stratix 5900 then prioritizes critical data streams, preventing disruption in time-sensitive processes.

Environmental Specifications

The following are some of the environmental features of the Stratix 5900 that make it suitable for the most demanding conditions.

Wide Operating Temperature Range

The Stratix 5900 can effectively operate at a broad range of temperatures, from -25°C to +60 °C. This becomes significantly important when installing it in environments where temperatures fluctuate or are extreme. The wide operating temperature range makes this router suitable for factories exposed to heat or cold warehouses.

Vibration and Shock Resistance

Almost all industrial environments are subject to vibrations from either machinery or equipment. The Stratix 5900 has a vibration resistance of 1.13 Grms and shock resistance of 15 g. These properties ensure that the device can withstand the rough physical conditions it might be exposed to in the industry.

Ingress Protection and EMI Immunity

The Stratix 5900 is IP30-rated for protection against dust and other foreign particles. Moreover, it is built to withstand electromagnetic interference (EMI). Industrial equipment commonly generates electrical noise that might disrupt normal operation. The Stratix 5900 also complies with ISPR22 (IEC 61000-6-4) for emissions and IEC 61000-4-3 for radiated RF immunity.

Scalable and Flexible for Industrial Networks

A large-scale network has complexities that need to be dealt with. The Stratix 5900 is flexible, so it can accommodate a wide variety of industrial protocols. This makes it compatible with numerous existing systems.

Support for Multiple Industrial Protocols

The Stratix 5900 can be included in nearly any industrial network. This is possible due to its support for the protocols such as;

• Ethernet/IP for communication in industrial control systems.
• Modbus TCP for interfacing with industrial automation devices such as PLCs.
• CIP (Common Industrial Protocol) for communication in industrial systems.

Cellular Connectivity for Redundancy

One unique feature of the Stratix 5900 is its support for cellular connectivity with two SIM card slots for failover. This allows the device to continue operating even if the primary wired connection is broken, ensuring critical network communications remain uninterrupted. The router also supports both 3G and 4G LTE cellular technologies as a secondary communication option

Management and Monitoring Features

The security and performance of any industrial network need effective network management. This includes remote monitoring, configuring, and troubleshooting of the device.

Remote Management

The Stratix 5900 can be configured via a web interface or Command-Line Interface (CLI). This way, the network administrators can manage the router from potentially anywhere, without physically accessing the device.

Syslog and SNMP features

• Syslog allows centralized event logging, which allows administrators to track network behavior and diagnose potential issues.
• SNMP allows network administration, which means the device can be integrated into a broader network monitoring infrastructure.

Conclusion

The Stratix 5900 from Allen-Bradley is a security-centric industrial router. Its features include VPN, SPI firewall, IPS, and ACLs to defend systems against the growing threats of cyberattacks. Its environmental and redundancy features, as well as industrial protocols, make it suitable for industries like manufacturing, oil and gas, and water/wastewater.

Whether you’re looking to integrate the Stratix 5900 into your operations, upgrade your existing drives, or simply need reliable repair services backed by our two-year DO Supply warranty, we’re here to help. Our team is ready to answer any questions and make sure you get exactly what you need to keep your systems running strong. Give us a call today, and we can get your operation secure!