Documentos de Académico
Documentos de Profesional
Documentos de Cultura
Wireless Device Server with 2 Serial and/or 2 Ethernet Ports, 128-bit Encryption
RoS
eRSTP eRSTP
TM TM
Rugged Operating
System™
ZPL ZPL
Baud rates up to 230 kbps
Built-In optional RS485 Termination Rugged Operating
eRSTP
Zero-Packet-Loss™ Zero-Packet-Loss™ System™
Ethernet Ports
2 - Fast Ethernet ports (10/100BaseTX
TM
or 100 BaseFX)
Multiple fiber connector types Rugged Operating
System™
Cyber Security
WPA (Wi-Fi Protected Access) with TKIP for enhanced
security and encryption
WPA2/802.11i with CCMP for robust security and
128-bit AES encryption
The RuggedWireless™ RS910W is an industrially hardened wireless IEEE 802.1X/RADIUS using EAP-PEAP for secure “enterprise
Serial/Ethernet Device Server that has been specifically designed class” authentication configuration
to operate reliably in electrically harsh and climatically demanding Pre-shared Key Mode (PSK) for “personal” mode
environments. The RS910W features a wireless LAN (WLAN) authentication configuration
interface combined with 2 serial ports and/or 2 Fast Ethernet ports. Multi-level user passwords
The RS910W allows you to connect any RS-232/ 422/485 serial SSH/SSL (128-bit encryption)
devices at up to 230 kbps and/or connect Ethernet devices for Enable/disable ports, MAC based port security
wireless access and control via an IEEE 802.11i wireless LAN. The Port based network access control (802.1x)
RS910W eliminates costly wiring and simplifies network installation. VLAN (802.1Q) to segregate and secure network traffic
R ADIUS centralized password management
The RS910W functions as a wireless “client/bridge” within an
IEEE 802.11b/g compliant WLAN. This allows the RS910W to SNMPv3 authentication and 56-bit encryption
transfer data for connected serial port and Ethernet devices via an
Rugged Operating System (ROS®) Features
installed Wireless Access Point. The RS910W is capable of wireless
Simple plug and play operation - automatic
data rates of up to 54Mbps whose bandwidth is available for the
learning,negotiation, and crossover detection
combined device traffic volume emanating from two serial ports and
MSTP (802.1Q-2005, formerly 802.1s)
two Ethernet ports.
RSTP (802.1D-2004) and Enhanced Rapid Spanning Tree
Static authentication support is provided by WPA-PSK. For (eRSTP™) network fault recovery (<5ms)
authentication by an access point and a RADIUS server, the RS910W Quality of Service (802.1p) for real-time traffic
supports IEEE 802.1X/RADIUS for wireless user traffic and distributing VLAN (802.1Q) with double tagging and GVRP support
dynamic encryption keys. All wireless communications are protected Link aggregation (802.3ad)
by the very latest “robust security networks” features including strong IGMP Snooping for multicast filtering
encryption protocols using WPA with TKIP and even WPA2/802.11i Port Rate Limiting and Broadcast Storm Limiting
with 128-bit AES encryption. Static authentication support is provided Port configuration, status, statistics, mirroring, security
by WPA-PSK. For additional centralized control, the RS910W also SNTP time synchronization (client and server)
supports IEEE 802.1X/RADIUS for wireless user traffic and distributing
dynamic encryption keys. RuggedRated™ for Reliability in Harsh Environments
Immunity to EMI and heavy electrical surges
The RS910W has an operating temperature range of -40 to +85°C zz Meets IEEE 1613 (electric utility substations)
without the use of internal cooling fans allowing it to be placed in zz Exceeds IEC 61850-3 (electric utility substations)
almost any location. The RS910W also has an integrated power zz Exceeds IEC 61800-3 (variable speed drive systems)
supply with a wide range of voltages for worldwide operability, and is zz Exceeds IEC 61000-6-2 (generic industrial)
compliant with EMI and environmental standards for utility substations, zz Exceeds NEMA TS-2 (traffic control equipment)
industrial manufacturing, process control and intelligent transportation -40°C to +85°C operating temperature (no fans)
systems applications. 20 AWG galvanized steel enclosure
DIN or panel mounting options provide secure mechanical
The RS910W is backed by a five year warranty and unsurpassed
technical support. reliability
Hazardous Locations: Class 1, Division 2
RuggedWIRELESS™ RS910W
Fast Ethernet Ports: Operating Temperature Antenna
2 - Fast Ethernet Ports
XX - 40°C to +85°C
XX Standard 3dBi
XX
10/100BaseTX or 100BaseFX
XX No Fans
XX Various antenna option
XX
Multiple Fiber connector types
XX packages available
Wireless Specifications
IEEE 802.11b/g compliant provides simultaneous support for
Modulation technology:
both IEEE802.11b and IEEE802.11g wireless clients. zz IEEE 802.11b: DSSS over CCK (11/5 Mbps), DQPSK
Can be configured as an access, client or bridge device
(2 Mbps), DBPSK (1 Mbps)
Antenna type: Removable, upgradeable 3dBi Antenna with
zz IEEE 802.11g: OFDM over 64QAM, 16QAM, QPSK, BPSK
R-SMA (male) connector
Transmit power:
Operating channels/frequency-range:
IEEE 802.11b: 20dBm nominal @ 11 Mbps
zz 11 channels, 2.400 - 2.4720 Ghz (US, Canada)
IEEE 802.11g: 16dBm nominal @ 54 Mbps
zz 13 channels, 2.400 - 2.4835 Ghz (ETSI)
Receiver sensitivity:
zz 14 channels, 2.400 - 2.4970 Ghz (Japan)
zz IEEE 802.11b: -88dBm @ 11 Mbps with 8% FER
Data rates:
zz IEEE 802.11g: -74dBm @ 54 Mbps with 10% FER
zz IEEE 802.11b: 11/5.5/2/1 Mbps with automatic failback
zz IEEE 802.11g: 54/48/36/24/18/12/9/6 Mbps with automatic
failback
ROS® Features
Serial IP Encapsulation
Point to Point (PPP) - using CHAP (MD5 Hash)
Many ‘legacy’ devices (RTU, PLC, IED, etc.) only support authentication service
serial communications via RS232, RS422 or RS485. ROS® SFTP - Secure File Transfer Protocol using SSH encryption
encapsulates the serial data within a TCP connection allowing
these devices to be reached via an IP network. A wide range of The ROS® cyber security features are included to help address the
baud rates, frame packetization options, and diagnostics allows various industry specific security standards such as NERC CIP, ISA
any serial protocol to function. The RS910W has specific support S99, AGA 12, IEC 62443, ISO 17799:2005 and PCSRF SPP-ICS.
for the following serial protocols:
Enhanced Rapid Spanning Tree Protocol (eRSTP™)
R
aw Socket serial encapsulation
RuggedCom eRSTP™ allows the creation of fault-tolerant ring
M
odbus TCP (client and server)
and mesh Ethernet networks that incorporate redundant links
D
NP 3
that are ‘pruned’ to prevent loops. eRSTP™ yields worst-case
W
IN and TIN
fault recovery1 of 5ms times the ‘bridge diameter’ and allows
M
icrolok
rings of up to 160 switches. For example, a ring of ten switches
will have fault recovery times under 50ms. eRSTP™ implements
MODBUS TCP both STP and RSTP to ensure interoperability with commercial
The Modbus protocol is ubiquitous in the industrial control and switches unlike other proprietary ‘ring’ solutions.
automation world. ROS® converts Modbus RTU master/slave
serial data packets to Modbus TCP client/server packets for Quality of Service (IEEE 802.1p)
transmission over an IP network. This allows communications to Some networking applications such as real-time control or VoIP
Modbus RTU slaves via Ethernet and allows multiple masters to (voice over IP) require predictable arrival times for Ethernet
poll the same slave device. frames. Switches can introduce latency in times of heavy network
traffic due to the internal queues that buffer frames and then
Cyber Security transmit on a first come first serve basis. ROS® supports ‘Class of
Cyber security is an urgent issue in many industries where Service’ in accordance with IEEE 802.1p that allows time critical
advanced automation and communications networks play a traffic to jump ahead to the front of the queue thus minimizing
crucial role in mission critical applications and where high latency and reducing jitter to allow such demanding applications to
reliability is of paramount importance. Key ROS® features that operate correctly. ROS® allows priority classification by port, tags,
address security issues at the local area network level include: MAC address, and IP type of service (ToS).
Passwords - Multi-level user passwords secures switch A configurable “weighted fair queuing” algorithm controls how
against unauthorized configuration frames are emptied from the queues.
SSH / SSL - Extends capability of password protection
to add 128-bit encryption of passwords and data as they cross VLAN (IEEE 802.1Q)
the network Virtual local area networks (VLAN) allow the segregation of a
Enable/Disable Ports - Capability to disable ports so that physical network into separate logical networks with independent
traffic can not pass broadcast domains. A measure of security is provided since hosts
802.1Q VLAN - Provides the ability to logically segregate can only access other hosts on the same VLAN and traffic storms
traffic between predefined ports on switches are isolated. ROS® supports 802.1Q tagged Ethernet frames and
MAC Based Port Security - The ability to secure ports VLAN trunks. Port based classification allows legacy devices to be
on a switch so only specific Devices / MAC addresses can assigned to the correct VLAN. GVRP support is also provided to
communicate via that port simplify the configuration of the switches on the VLAN.
802.1x Port Based Network Access Control - The ability to
lock down ports on a switch so that only authorized clients can Link Aggregation (802.3ad)
communicate via this port The link aggregation feature provides the ability to aggregate several
RADIUS - authentication service using MD5 hash and Ethernet ports into one logical link (port trunk) with higher bandwidth.
providing centralized password management This provides an inexpensive way to set up a high speed backbone
SNMPv3 - encrypted authentication access security and data to improve network bandwidth. This feature is also known as “port
encryption (CBC-DES with 56-bit encryption key) trunking”, “port bundling”, “port teaming”, and “Ethernet trunk”.
Secure Socket Layer - Web-based management using SSL
with data encryption (128-bit encryption key) IGMP Snooping
RSA – 1024 bit key for key management and key exchange ROS® uses IGMP snooping (Internet Group Management
TACACS+ - Terminal Access Control and Accounting Services Protocol v1&v2) to intelligently forward or filter multicast traffic
Client provides encrypted authentication and authorization streams (e.g. MPEG video) to or from hosts on the network.
ROS® Features
This reduces the load on network trunks and prevents packets Port Mirroring
from being received on hosts that are not involved. ROS® has a ROS® can be configured to duplicate all traffic on one port to a
very powerful implementation of IGMP snooping that: designated mirror port. When combined with a network analyzer,
this can be a powerful troubleshooting tool.
Can be enabled on a per VLAN basis.
Detects and filters all multicast streams regardless of
Port Configuration and Status
whether subscribers exist. ROS® allows individual ports to be ‘hard’ configured for speed,
Supports “router-less” operation by supporting an “active” mode.
duplex, auto-negotiation, flow control and more. This allows
Restores traffic streams immediately after an RSTP
proper connection with devices that do not negotiate or have
topology change. unusual settings. Detailed status of ports with alarm and SNMP
SNMP (Simple Network Management Protocol) trap on link problems aid greatly in system troubleshooting.
SNMP provides a standardized method for network management
stations the ability to interrogate devices from different vendors. Port Statistics and RMON (Remote Monitoring)
SNMP versions supported by ROS® are v1, v2c, and v3.SNMPv3 ROS® provides continuously updating statistics per port that
in particular provides security features such as authentication, provide both ingress and egress packet and byte counters as
privacy with data encryption (CBC-DES with 56-bit encryption well as detailed error figures. Also provided is full support for
key) and access control not present in earlier SNMP versions. the RMON statistics, history, alarms, and event groups. RMON
ROS® also supports numerous standard MIBs (Management allows for very sophisticated data collection, analysis and
Information Base) allowing for easy integration with any network detection of traffic patterns.
management system (NMS). A feature of SNMP supported
by ROS® is the ability to generate “traps” upon system events. Event Logging and Alarms
RuggedNMS™, the RuggedCom management solution, can ROS® records all significant events to a non-volatile system log
record traps from multiple devices providing a powerful network allowing forensic troubleshooting. Events include link failure and
troubleshooting tool. It also provides a graphical visualization of recovery, unauthorized access, broadcast storm detection, and
the network and is fully integrated with all RuggedCom products. self-test diagnostics among others. Alarms provide a snapshot of
recent events that have yet to be acknowledged by the network
SCADA and Industrial Automation administrator. An external hardware relay is de-energized during
ROS® contains features that optimize network performance and the presence of critical alarms allowing an external controller to
simplify switch management based on the unique requirements react if desired.
found in SCADA and industrial automation applications. Features
such as Modbus TCP management for retrieval of switch data HTML Web Browser and Telnet User Interfaces
using the ubiquitous Modbus protocol and DHCP Option 82, ROS® provides a simple, intuitive user interface for configuration
a Rockwell Automation ODVA requirement for IP address and monitoring via a standard graphical web browser or via
assignment based on the location of the end device, provide Telnet. All system parameters include detailed on-line help to
capabilities not found in typical “commercial” or “office grade” make setup a breeze. ROS®, presents a common look and feel
Ethernet switches. and standardized configuration process allowing easy migration
to other RuggedCom managed products.
Port Based Network Access Control (802.1x)
ROS® supports the IEEE 802.1x standard that defines a Configuration via ASCII Text File
mechanism for port-based network access control which All configuration parameters are stored in an ASCII formatted
provides a means of authenticating and authorizing devices text file that can easily be transferred via TFTP or Xmodem.
attached to LAN ports. The configuration file can be saved for backup purposes and
easily manipulated by a text editor. The same text file can be
Port Rate Limiting downloaded to the switch at a later date in order to re-configure
ROS® supports configurable rate limiting per port to limit unicast or restore a previous configuration.
and multicast traffic. This can be essential to managing precious
network bandwidth for service providers. It also provides edge Command Line Interface (CLI)
security for denial of service (DoS) attacks. A command line interface can be used in conjunction with
remote shell to automate data retrieval, configuration updates,
Broadcast Storm Filtering and firmware upgrades. A powerful SQL-like capability allows
Broadcast storms wreak havoc on a network and can cause expert users the ability to selectively retrieve or manipulate
attached devices to malfunction. This could be disastrous on any parameters the devicehas to offer.
a network with mission critical equipment. ROS ® limits this by 1 eRSTP™ fault recovery times may be approximated as follows:
For 100 Mbps, fault recovery performance is <5ms/hop
filtering broadcast frames with a user-defined threshold. For 1,000 Mbps, fault recovery performance is <5ms/hop + 20ms
Network Architecture
Field Devices
RS910W
Control Room
SCADA
WAN/LAN
RS900W
RS910W
IEC 60068-2-30 Humidity (Damp Heat, Cyclic) Test Db 95% (non-condensing), 55°C , 6 cycles
Technical Specifications
Power Supply Warranty
Power Consumption: 10W Max
5 Years-Applicable to design or manufacturing related
24VDC: 10-36VDC, 0.4A product defects.
48VDC: 36-72VDC, 0.2A
HI Voltage AC/DC: 88-300VDC, 85-264VAC, 0.1A IEEE Compliance
802.3-10BaseT
Critical Alarm Relay 802.3u-100BaseTX, 100BaseFX
Form-C failsafe contact relay: 1A@30VDC 802.3x-Flow Control
Physical 802.3z-1000BaseLX
Height: 7.4” / 18.8cm 802.3ab-1000BaseTX
Width: 2.6” / 6.6 cm 802.3ad-Link Aggregation
Depth: 5.0” / 12.7cm 802.1D-MAC Bridges
Weight: 2.7lbs / 1.22kg 802.1D-Spanning Tree Protocol
Ingress Protection: IP40 (1mm objects) 802.1p-Class of Service
Enclosure: 20 AWG galvanized steel enclosure 802.1Q-VLAN Tagging
Mounting: DIN rail or panel mounted 802.11i Security 128-bit AES encryption
Switch Properties 802.1D-2004-Rapid Spanning Tree Protocol
Switching method: Store & Forward 802.1x-Port Based Network Access Control
Switching latency: 8 us (100Mbps) 802.1Q-2005 (formerly 802.1s) MSTP
Switching bandwidth: 1.8Gbps
MAC address table size: 16kbytes IETF RFC Compliance
Priority Queues: 4 RFC768-UDP
Frame buffer memory: 1 Mbit RFC783-TFTP
Simultaneous VLANs: 255 RFC791-IP
VLAN ID Range: 1 to 4094 RFC792-ICMP
IGMP and static multicast groups: 256 RFC793-TCP
Port rate limiting: 128kbps, 256, 512, 4, 8Mbps RFC826-ARP
No head of line blocking RFC854-Telnet
Approvals RFC894-IP over Ethernet
Hazardous Locations: Class 1, Division 2 RFC1112-IGMP v1
ISO: Designed and manufactured using a ISO9001: 2000 RFC1519-CIDR
certified quality program RFC1541-DHCP (client)
CE Marking RFC2030-SNTP
Emissions: FCC Part 15 (Class A), RFC2068-HTTP
EN55022 (CISPR22 Class A) RFC2236-IGMP v2
Safety: cCSAus (Compliant with CSA C22.2 No. 60950, RFC2284-EAP
UL 60950, EN60950) RFC2475-Differentiated Services
Laser Eye Safety (FDA/CDRH): Complies with 21 CFR
RFC2865-RADIUS
Chapter1, Subchapter J.
RFC3414-SNMPv3-USM
EMI Immunity and Environmental Compliance RFC3415-SNMPv3-VACM
IEC 61000-6-2 Industrial (Generic)
IEC 61800-3 Industrial (Variable Speed Drive Systems) IETF SNMP MIBS
IEC 61850-3 Electric Utility Substations
RFC1493-BRIDGE-MIB
IEEE 1613 Electric Utility Substations RFC1907-SNMPv2-MIB
NEMA TS 2 Traffic Control Equipment RFC2012-TCP-MIB
RFC2013-UDP-MIB
Network Management RFC2578-SNMPv2-SMI
HTTP graphical web-based, SSL (128-bit encryption)
RFC2579-SNMPv2-TC
SNMP v1, v2c, v3 (56-bit encryption)
RFC2819-RMON-MIB
Telnet, VT100, SSH/SFTP (128-bit encryption)
RFC2863-IF-MIB
Command Line Interface (CLI)
RSA Key Management (1024 bit key) draft-ietf-bridge-rstpmib-03-BRIDGE-MIB
Authentication and Accounting - TACACS+ (encrypted), draft-ietf-bridge-bridgemib-smiv2-03-RSTP-MIB
RADIUS client, PPP IANAifType-MIB
Longer segment lengths dependent on fiber specifications. Consult factory for further details.
Order Code
RS910W - ____ - ___ - ____ - ____ - _____ - _____
PS M S E WW MOD
M: Mounting options
D = Din Rail
P = Panel Mounting
N = None
RuggedCom Inc.
300 Applewood Crescent, Unit 1,
Concord, Ontario, Canada L4K 5C7