Maximizing Uptime with the Stratix 5900: Security and Performance Benefits

As we approach the golden age of automation and Industry 4.0, processes that were once manual or repetitive are being phased out with robotics and PLCs. This shift to the next generation of manufacturing and processing comes with the reliance on the Internet to program, run, and troubleshoot, leaving the door open for vulnerabilities that can result in cybersecurity attacks. Due to this, the demand for industrial routers has made its voice heard, and Allen Bradley has answered with their Stratix line. While several generations of Stratix routers exist, we will focus on the 5900.

Built for Industrial Applications

While some routers were designed for carpeted offices or quiet server rooms, the Stratix 5900 was not. Instead, it was built to feel at home in environments prone to dust, vibrations, and temperature swings. Its passively cooled, IP41-rated chassis is designed to operate in temperatures ranging from -13 to 140F (-25 to 60C), meaning it could keep cool next to stamping presses or welding bays. Added to this is its built-in shock and vibration protection, making it more than just another networking box.

The 5900 also allows you to mount it on the wall, floor, or DIN rail, which seems like a small detail but comes in handy when things are mounted vertically or when the work area is cramped. However, the recommended horizontally-mounted clearance is 1.5 inches on both sides for floor-mount bracket clearance and 2 inches on top, so keep that in mind before slipping it into a tight spot. It is also important to know that top clearance isn’t required, but stacking heat-dissipating objects on top of the router is not allowed.

Secure from the Ground Up

While having the fastest and most reliable network is a good goal, we argue that cybersecurity is just as vital, if not even more vital, for any company. For factories, cybersecurity is a crucial part of uptime that the Stratix 5900 is built to protect.

To do this, the Stratix 5900 employs a suite of tools to ensure you are covered from every angle, including its one-step router lockdown. This allows the router to harden its security posture by closing ports and disabling services with a single command. This acts as a safety net in the case of a threat. Along with it are zone-based firewalls and Context-Based Access Control to inspect the traffic going to and from so that it can dynamically adjust its policies.

Remote access is also protected with VPN tunnels, including Easy VPN and IPSec Virtual Tunnel Interfaces, so that you can connect securely across facilities or out to remote skids. All of this encryption is backed by crypto acceleration baked into the hardware to ensure that this encryption runs without turning the network into molasses.

Finally, intrusion prevention, content filtering, and multi-factor authentication support via IKEv2 let you pair certificates and credentials to keep out unauthorized parties. While all of these features sound heavy, the Stratix 5900 is designed and optimized to run light. The security stack works in tandem with the router’s core functions, so protection doesn’t come at the cost of performance.

Impressive Network Performance

Building on the notion of not compromising security and performance, the router’s Freescale dual-core 400MHz processor and 512MB of DRAM can handle all of these services. Paired with this are four RJ4510/100 fast Ethernet LAN ports and a Gigabit Ethernet WAN port, all equipped with auto-negotiation and auto-MDIX for quick and painless connections. While the WAN port hardware is gig-capable, the software smartly caps throughput for stability, ensuring that traffic stays consistent instead of peaking and sputtering. No surprises. Just uptime.

Routing protocols are where this unit stretches its legs. You’re not limited to static routes as it supports RIP, OSPF, and EIGRP, letting it fit into everything from basic segment handoffs to more dynamic multi-node environments. Add Performance Routing to the mix, and now your traffic can actively route itself around congestion, helping maintain flow even when links aren’t playing nice.

You also get Quality of Service, which means voice traffic, control signals, and critical alarms aren’t forced to wait behind bulk data or misbehaving devices. It keeps the important stuff in the fast lane, where it belongs.

And then there’s the little stuff that matters: warm reloads that don’t fully drop sessions when changes are made and a real-time clock to keep logs and diagnostics time-stamped and synchronized, even during unexpected reboots.

Fantastic Firewall Features

The first feature to discuss is the Zone-Based Firewall, which lets you define security zones and set rules for how traffic is moved between them. It’s like assigning trust levels: Trusted PC to a trusted server? Come on through. Unknown laptop to a control network? Not a chance. Since the user can configure zones down to individual interfaces, isolating critical gear is easy.

Next, we have Contect-Based Access Control, which watches the state of each connection. It’s a bit like port filtering, as it monitors the ongoing session and only allows return traffic. This ensures that spoofed or unexpected traffic gets shut down while valid responses are allowed through. Layering on deep packet inspection via Application-Level Gateway and Application Inspection Control allows you to control traffic based on protocols and commands instead of just IP addresses.

Finally, the Cisco Common Classification Policy Language is available for building class and policy maps. While overkill for basic setups, it’s incredibly powerful for integrators managing mixed traffic across segmented networks. All of this gives you the freedom to move traffic where and how you want it and the power to stop it when you don’t. We offer a deeper dive into the 5900s security features in this article here if you would like to check it out.

A Fit for Many Floors

The Stratix 5900 is the kind of router you throw into the toughest parts of your network and forget about since it just works. Do you have a remote I/O island that needs to report back over a secure connection? The 5900 will handle it with a VPN tunnel and a firewall to keep the rest of the network shielded. Need to get a process skid online for commissioning or temporary use? Mount it, power it, plug it in. No bulky infrastructure or time-consuming setup is needed. It also shines in OEM or machine-builder applications, where you need to hand off secure access to field engineers without opening your entire network to the outside world. With zone-based firewall rules and intrusion prevention at your fingertips, remote access can be both flexible and locked down.

Final Thoughts

Industrial traffic is a monster on its own, as control data, diagnostics, operator HMI traffic, and even voice and camera feeds ride over the same network. With the rise of cybersecurity attacks, these networks can leave vulnerabilities for bad actors to exploit. Thankfully, the Stratix 5900 is designed and proven to help safeguard industrial internet traffic, making it a vital tool for every complex. If you are in the market for one of these industrial routers, we carry many different generations of Stratix routers just like the one you just read. Visit us at DOSupply.com and take advantage of our superior networking equipment today, which is backed by our 2-year DO Supply warranty. Our team of experts is just a call or email away!