— COMMUNICATION NETWORKS We are securing the past in a fast moving future. FOX605 multiservice platform. Browser – Interface Local/Remote Via HTTPs FOX605 has an embedded server providing a browser based Graphical User Interface (GUI). Standard browsers like Firefox or IE can be used. The GUI offers strong Monitoring/Diagnostics/Maintenance features and is recommended to be used for the typical Configuration use-cases. NMS-Suite FOXView & FOXMAN-UN FOXView and FOXMAN-UN are two key components of ABB’s overall NMS-suite, supporting a wide range of ABB’s communication portfolio of FOX-devices but also the ETL- and NSD – devices for Power Line Carrier and protection applications, Wireless-devices and the AFx-family of substation oriented switches/routers/ firewalls. CLI –Interface Local/Remote via SSH FOX605 offers a Command Line Interface including comprehensive ‘help’ functionalities. It is a very efficient way especially for complex tasks and configurations. Its usage is further facilitated by documentation like the ‘Command Reference Guide’ and an ‘Application/Use- case manual’. — Flexible management tools. FOX605 complies with latest expectations in terms of managing a communication network in a secure way by using appropriate protocols and tools. FOX605 is supported by ABB’s NMS-suite but depending on customer preferences and management-tasks a browser-based GUI or a highly efficient CLI can be used. The ABB NMS-Suite supports not only FOX but the full range of ABB's wired and wireless communication portfolio. — Selected technical highlights. Sophisticated Security Features FOX605 offers service-aware user traffic encryption at layer 2 (MAC-layer). This even protect legacy data (e.g. emulated E1 flows) without bringing them in resource-and time-consuming processes to the layer 3/4 to make use of IPSEC. Following advantages result: Reduced protocol complexity/Lowest impact on network performance/ Transparent to media. The underlying encryption technology is based on MACSec (IEEE 802.1AE), however in a significantly enhanced form to allow end-to-end encryption (e2e) even through non-encryption aware networks. Individual flows can be protected end-to-end by service- aware encryption; it’s up to the user to define which services shall be encrypted and which information shall be transmitted plain text. Criteria to distinguish the services are port, VLAN-tags or MPLS-labels. Network Synchronization FOX605 offers the latest technology for network synchronization. Reliable distribution of timing information across a network is essential and helps reduce dependence on GPS-time that is a security risk especially for mission critical applications. For demanding network synchronization tasks FOX605 supports latest PTP/ IEEE1588v2 (boundary & ordinary mode) and SyncE functionalities. The latter can make use of Quality Level information transmitted similarly to earlier SDH SSM technology. For traditional time-distribution schemes, FOX605 can work with up to 5 NTP servers. Timing info can be exchanged on multiple FOX605 interfaces and protocols (e.g. ToD, PTP, IRIG- B002/-B006). Built-in RFC2544 & Y.1564 Performance Tester The ITU-T Y.1564 defines a methodology that is used to access the configuration and performance of Ethernet networks to deliver Ethernet-based services. It was designed to serve as a Service Level Agreement (SLA) validation tool, ensuring that the services on a network meet the agreed committed rate FOX605 has a built in ITU-T Y.1564 tool which fills the methodological gaps not covered by RFC2544 (like checking configuration and performance of CIR, CBS, EIR and EBS, measuring Frame Delay Variation and simulation of network conditions similar to real life scenario). Similar to the built in RFC2544 tool, each test configuration is a ‘profile’ and results are saved in a ‘report’. Up to 16 profiles and 10 reports can be stored on FOX605. FOX605’s Versatility Central part of FOX605 is a highly versatile, wire-speed switch that supports native L2 Ethernet as well as MPLS-TP. Legacy interfaces can be groomed in the TDM cross-connect before emulated via SAToP. AES 256-bit traffic encryption can be enabled for the optical SFP-ports based on selectable criteria such as port, VLAN- tags or MPLS-TP labels. Legacy interfaces can be connected directly to the functional block responsible for circuit emulation or via the digital cross- connect (DXC-64k) that a lows bundling/grooming services into one or several E1-equivalent streams for SAToP (max. 12 flows). The timing block is closely interlinked with the PHY because SyncE and PTP information have to be derived directly at the physical interface. Timing Interfaces 2 x Power Mgt/Terminal Alarms 8 x LAN/WAN (el./opt; PoE) 12 x Traditional/ Legacy Interfaces PSU (Single/Double) Power Over Ethernet LAN/WAN PHY Including Encryption Functions & PoE CPU Switching L2/MPLS-TP Circuit Emulation (SAToP) Legacy Interfaces Cross connect Timing Segmented Data | L4 | L3 | L2 Application Application Data Application Presentation Presentation Data Presentation Session Procedural Data Session Transport Segmented Data | L4 Transport Network Segmented Data | L4 | L3 Network Data Link Data Link Physical Physical L2 encryption for upper layers Physical Transmission Medium Master Boundary Clock Slave Ordinary Clock Ordinary Clock Slave Slave PTP/High Precision Time Source Grand Master FOX605-2 FOX605-1 VLAN100 Tagged Frame VLAN100 Loop Untagged Frame Access VLAN 100 Untagged frame Access VLAN 100 — All in one solution. FOX605 is a comprehensive combination of latest MPLS & L2 packet switched technology with traditional legacy interfaces and complemented with state of the art synchronization - and cyber security - features. FOX605 addresses a wide range of applications in harsh environments where traditional TDM services and packet switch technology coexist. HOUSEKEEPING • Alarms (In/Out) • Management • Terminal POWER SUPPLY • Redundant Operation • Hot Swappable SYNC/TOD • 1 PPS & 10MHz • ToD & BITS ETHERNET/MPLS-TP • 4x GE el. (PoE/PoE+ capable) • 4x SFP (Opt./el.;encryption capable) SFP support of E/FE/GE and T1/OC-3/STM-1 LEGACY • 4x 64 kbit/s • 4x E1 ports • 4x RS-232/RS485/V.11 also configurable for IRIG-B
2
Embed
COMMUNICATION NETWORKS We are securing the · PDF fileCOMMUNICATION NETWORKS We are securing the past in a fast moving future. FOX605 multiservice platform. ... information transmitted
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
— COMMUNIC ATION NET WORKS
We are securing the past in a fast moving future.FOX605 multiservice platform.
Browser – Interface Local/Remote Via HTTPsFOX605 has an embedded server providing a browser based Graphical User Interface (GUI). Standard browsers like Firefox or IE can be used. The GUI offers strong Monitoring/Diagnostics/Maintenance features and is recommended to be used for the typical Configuration use-cases.
NMS-Suite FOXView & FOXMAN-UNFOXView and FOXMAN-UN are two key components of ABB’s overall NMS-suite, supporting a wide range of ABB’s communication portfolio of FOX-devices but also the ETL- and NSD – devices for Power Line Carrier and protection applications, Wireless-devices and the AFx-family of substation oriented switches/routers/firewalls.
CLI –Interface Local/Remote via SSHFOX605 offers a Command Line Interface including comprehensive ‘help’ functionalities. It is a very efficient way especially for complex tasks and configurations. Its usage is further facilitated by documentation like the ‘Command Reference Guide’ and an ‘Application/Use-case manual’.
—Flexible management tools. FOX605 complies with latest expectations in terms of managing a communication network in a secure way by using appropriate protocols and tools. FOX605 is supported by ABB’s NMS-suite but depending on customer preferences and management-tasks a browser-based GUI or a highly efficient CLI can be used. The ABB NMS-Suite supports not only FOX but the full range of ABB's wired and wireless communication portfolio.
—Selected technical highlights.
Sophisticated Security FeaturesFOX605 offers service-aware user traffic encryption at layer 2 (MAC-layer).
This even protect legacy data (e.g. emulated E1 flows) without bringing them in resource-and time-consuming processes to the layer 3/4 to make use of IPSEC. Following advantages result: Reduced protocol complexity/Lowest impact on network performance/Transparent to media. The underlying encryption technology is based on MACSec (IEEE 802.1AE), however in a significantly enhanced form to allow end-to-end encryption (e2e) even through non-encryption aware networks.
Individual flows can be protected end-to-end by service-aware encryption; it’s up to the user to define which services shall be encrypted and which information shall be transmitted plain text. Criteria to distinguish the services are port, VLAN-tags or MPLS-labels.
Network SynchronizationFOX605 offers the latest technology for network synchronization.
Reliable distribution of timing information across a network is essential and helps reduce dependence on GPS-time that is a security risk especially for mission critical applications. For demanding network synchronization tasks FOX605 supports latest PTP/IEEE1588v2 (boundary & ordinary mode) and SyncE functionalities. The latter can make use of Quality Level information transmitted similarly to earlier SDH SSM technology.
For traditional time-distribution schemes, FOX605 can work with up to 5 NTP servers.
Timing info can be exchanged on multiple FOX605 interfaces and protocols (e.g. ToD, PTP, IRIG-B002/-B006).
Built-in RFC2544 & Y.1564 Performance TesterThe ITU-T Y.1564 defines a methodology that is used to access the configuration and performance of Ethernet networks to deliver Ethernet-based services. It was designed to serve as a Service Level Agreement (SLA) validation tool, ensuring that the services on a network meet the agreed committed rate
FOX605 has a built in ITU-T Y.1564 tool which fills the methodological gaps not covered by RFC2544 (like checking configuration and performance of CIR, CBS, EIR and EBS, measuring Frame Delay Variation and simulation of network conditions similar to real life scenario). Similar to the built in RFC2544 tool, each test configuration is a ‘profile’ and results are saved in a ‘report’. Up to 16 profiles and 10 reports can be stored on FOX605.
FOX605’s VersatilityCentral part of FOX605 is a highly versatile, wire-speed switch that supports native L2 Ethernet as well as MPLS-TP. Legacy interfaces can be groomed in the TDM cross-connect before emulated via SAToP.
AES 256-bit traffic encryption can be enabled for the optical SFP-ports based on selectable criteria such as port, VLAN- tags or MPLS-TP labels. Legacy interfaces can be connected directly to the functional block responsible for circuit emulation or via the digital cross-connect (DXC-64k) that a lows bundling/grooming services into one or several E1-equivalent streams for SAToP (max. 12 flows).
The timing block is closely interlinked with the PHY because SyncE and PTP information have to be derived directly at the physical interface.
Timing Interfaces
2 x Power
Mgt/Terminal Alarms
8 x LAN/WAN (el./opt; PoE)
12 x Traditional/Legacy Interfaces
PSU
(Sin
gle
/Do
uble
) Po
wer
Ove
r Et
hern
et
LAN/WAN PHY Including Encryption
Functions & PoE
CPU Switching L2/MPLS-TP
Circuit Emulation (SAToP)
Legacy Interfaces
Cross connect
Tim
ing
Segmented Data | L4 | L3 | L2
Application Application Data Application
Presentation Presentation Data Presentation
Session Procedural Data Session
Transport Segmented Data | L4 Transport
Network Segmented Data | L4 | L3 Network
Data Link Data Link
Physical Physical
L2 encryption for upper layers
Physical Transmission Medium
Master Boundary Clock
Slave
Ordinary ClockOrdinary Clock
SlaveSlave
PTP/High Precision Time Source
Grand Master
FOX605-2FOX605-1
VLAN100
Tagged Frame
VLAN100
Loop
Untagged Frame Access VLAN 100
Untagged frame Access VLAN 100
—All in one solution.FOX605 is a comprehensive combination of latest MPLS & L2 packet switched technology with traditional legacy interfaces and complemented with state of the art synchronization - and cyber security - features. FOX605 addresses a wide range of applications in harsh environments where traditional TDM services and packet switch technology coexist.
ETHERNET/MPLS-TP• 4x GE el. (PoE/PoE+ capable)• 4x SFP (Opt./el.;encryption capable)
SFP support of E/FE/GE and T1/OC-3/STM-1
LEGACY• 4x 64 kbit/s• 4x E1 ports• 4x RS-232/RS485/V.11 also configurable for IRIG-B
Do
cum
ent
ID :
9A
KK
1070
45
A0
45
7
—We reserve the right to make technical changes or modify the contents of this document without prior notice. With regard to purchase orders, the agreed particulars shall prevail. ABB AG does not accept any responsibility whatsoever for potential errors or possible lack of information in this document.
Like all members of ABB’s FOX–family, FOX605 was successfully type–tested by an independent, internationally accredited European test–lab for EMC, climatic and mechanical compliance according to following standards.—Basic standards (overview)
IEC/EN61000–4–3ImmunitytoElectromagnetic Field Radiated
IEC/EN61000–4–4Immunity Transient Electric Fast EFT/Burst
IEC/EN61000–4–5ImmunitytoVoltage Surge
IEC/EN61000–4–6ImmunitytoRadio Frequency Voltage conducted in power terminals
IEC/EN61000–4–17Rippleon DC input power port immunity
IEC/EN61000–4–18Damped oscillatory wave immunity
IEC/EN61000–4–29Voltagedips,short interruptions and voltage variations on DC input power port
Emission EN55022(CISPR–22)Conductedemissions in power terminals (AC) and telecommunications terminal class B
EN55022(CISPR–22)Radiatedemission class B
Safety IEC/EN60950–1
—Applied safety standards
Standards Description
IEC/EN60950–1 Information technology equipment – Safety
IEC60255–27 Measuring relays and protection equipment – Product safety requirements
EMC
IEC/EN61000–6–2to6–5
—Emission tests
Test name Description Basic standard Level
Radiated radio frequency interference
30MHzto1GHz1GHzto6GHz
EN55022 class B
Conducted radio frequency interference
150kHzto30MHz
EN55022 class B
—Immunity tests
Test name Description Basic standard Level
ESD test Contact/air discharge
IEC61000–4–2 6/8kV
Radiated electromagnetic field
80to1000MHz,80%AM,1kHzmodulated
IEC61000–4–3 10V/m
1to2.5GHz,80%AM,1kHzmodulated
IEC61000–4–3 10V/m
Fast transient test
DC Power supply:all other ports:
IEC61000–4–4 4kV4kV
Surge test(1.2/50µs)
DC Power supply 48V: Common mode (L–to–PE)Differential mode (L–to–L)
IEC61000–4–5 2kV1kV
Signal terminals:Common mode (L–to–PE)Differential mode (L–to–L)
2kV1kV
Conducted radio frequency interference
0.15to80MHz,80%AM,1kHzmodulated
IEC61000–4–6 10V/m
Conducted common mode disturbance
Frequency50Hz,continuous mode
IEC61000–4–16
30/300VRMS
—Shock and vibration
Mechanicaltests:Operation(IEC60721–3–3,class3M1)
Test name Description Basic standard Level
Vibration sinusoidal
5–9Hz;displacement amplitude
IEC60068–2–6 ±0.3mm
9–200Hz;acceleration amplitude
1m/s²
Shock Shock response spectrum type L; Peak acceleration
IEC60068–2–27
40m/s²
—FOX605 Technical Data.
As FOX605 combines traditional TDM-services with the latest packet switch technology it complies to applicable parts of a wide range of standards and recommendations of both worlds.—Physical interface ports
Legacy TDM ports FOX605 provides following TDM legacy ports:
RS-232/RS-485/X.24(V.11)
Four ports which may operate in RS-232,X.24(V.11)or4-wireRS-485Full-Duplex modes; When operating asRS-232orRS-485eachserialstream is asynchronously oversampled by configurable nx64kbit/sandmappedtoG.704structured flows; When operating as X.24(V.11)theinterfaceoperatesinsynchronous mode (always as master) and all data will be mapped from/tonx64kbit/stimeslots(upto2048kbit/sissupported)
Terminal port TheFOX605hasoneconsoleporttomanage the device directly; The terminalportusesanRJ45connectorin accordance with the standard RS232(EIA/TIA574)
MGMT interface FOX605hasoneEthernet10/100BASE-Tportforoutofbandmanagement of the device, in compliance with the standard
100BASE-T
Alarm port FOX605providesalarminterfacesfor external use;Two isolated digital alarm inputs using optocouplers;Two alarm relay outputs (urgent and non-urgent)
Sync ports The clock interfaces are:
ToD Time of Day (ToD) interface is a serial interface used to exchange time information with an external device; The ToD interface has a separate RS-422(V.11)interfaceand1PPSsignalingonanRJ45connector
BITS External clock interface (BITS) is a G.703-2048kHzsynchronizationinterfaceonRJ45
10MHzInput/Output Typically connected to a GPS receiver which provides a sine/square wave signalusingaminiBNC(cc4)connector;Theoutputprovidesa10MHz square wave clock output for external use
IRIG-B Output The signal(s) can be made available onlegacyTDMportsofFOX605SupportsIRIG-B002&-006
Ethernet ports Description
FOX605hasfour100BASE-FX/1000BASE-XportsforusewithSFP, and more four 10/100/1000BASE-TcopperbasedportswithRJ45connectors
The copper-based ports support PoE and PoE+ (Power over Ethernet)
—Related LAN/WAN standards
FOX605ensureshighserviceavailabilityandperformancethroughadvanced functions of OAM, prioritization mechanisms and traffic protection schemes (ERPS, RSTP/MSTP). IthasaninternalmatrixwithcapacitytoensureL2/MPLSswitchingat wire speed, allowing low latency without blockings.
On the trunk side, the multiplexer offers strong network security functionalitiesbasedonL2-encryption.Thisapproachallowssignificant improvements of data security based on service-aware encryption.
BelowtablelistthemostimportantLAN/WANstandardsFOX605can be associated with:
IEEE Description
802.1d Media Access Control (MAC) Bridge
802.1p Priority Support
802.1q Virtual LAN
802.1s Multiple Spanning Tree (MSTP)
802.1w Rapid Spanning Tree (RSTP)
802.1ab Link Layer Discovery Protocol (LLDP)
802.1ad Provider Bridges
802.1ag Connectivity Fault Management (CFM)
802.3 10Base-T
802.3u 100Base-TX
802.3x Flow Control
802.3z 1000BASESX/LX
802.3ab 1000Base-T
802.3ah OAM Link-Fault Management Overview
1588-2008 Precision Clock Synchronization Protocol for Networked Measurement and Control Systems
ITU-T Description
G.703 Physical/electrical characteristics of hierarchical digital interfaces
G.704 Synchronous frame structures used at1544,6312,2048,8448and44736kbit/shierarchicallevels
G.8032 Ethernet ring protection switching
G.823 The control of jitter and wander within digital networks which are basedonthe2048kbit/shierarchy
G.8261 Timing and synchronization aspects in packet networks
G.8262 Timing characteristics of a synchronous Ethernet equipment slave clock
G.8264 Distribution of timing information through packet networks
Y.1564 Ethernet service activation test methodology
Y.1731 OAM functions and mechanisms for Ethernet based networks
MEF Description
MEF 6.1 Metro Ethernet Services Definitions Phase 2
MEF 8 Implementation Agreement for the Emulation of PDH Circuits over Metro Ethernet Networks
MEF 9 Abstract Test Suite for Ethernet Services at the UNI
MEF 10.2 Metro Ethernet Services Attributes Phase 2
MEF 14 Abstract Test Suite for Traffic Management Phase 1
MEF 18 Abstract Test Suite for Circuit Emulation Services
MEF 20 UNI Type 2 Implementation Agreement
MEF 23.1 Class of Service Phase 2 Implementation Agreement
IETF Description
RFC791 Internet Protocol IP
RFC793 Transmission Control Protocol TCP
RFC854 Telnet Protocol Specification
RFC1157 Simple Network Management Protocol (SNMP)
RFC1212 Concise MIB Definitions
RFC1213 Management Information Base for Network Management of TCP/IP based internets: MIB-II
RFC1215 A Convention for Defining Traps for Use With the SNMP
RFC1441 SNMPv2 Protocol Framework
RFC1492 An Access Control Protocol, Sometimes Called TACACS
RFC1769 Simple Network Time Protocol SNMP
RFC1812 Requirements for IP Version 4 Routes (IPv4)
RFC1901 Introduction to Community-based SNMPv2
RFC1903 Textual Conventions for Version 2 of SNMPv2
RFC1904 Conformance Statements for Version 2 of SNMPv2
RFC1905 Protocol Operations for Version 2 of SNMPv2
RFC1907 Management Information Base (MIB) for SNMPv2
RFC1908 Coexistence between V1 and V2 of the Internet-standard NMF
Transport ETS300019–1–2,class2.2–Temperature–25...+70°C–Humidity95%r.h.(noncondensing)
RFC5462 Multiprotocol Label Switching (MPLS) Label Stack Entry: "EXP" Field Renamed to "Traffic Class" Field
RFC5905 Network Time Protocol Version 4: Protocol and Algorithms Specification
RFC5586 MPLS Generic Associated Channel
RFC5960 MPLS Transport Profile Data Plane Architecture
RFC6370 MPLS Transport Profile (MPLS-TP) Identifiers
RFC6427 MPLS Fault Management Operations, Administration, and Maintenance (OAM)
RFC6423 Using the Generic Associated Channel Label for Pseudowire in the MPLS Transport Profile (MPLS-TP)
RFC7324 Updates to MPLS Transport Profile Linear Protection
RFC7213 MPLS Transport Profile (MPLS-TP) Next-Hop Ethernet Addressing (support for section 2: Point-to-Point Link Addressing)
—Cyber Security robustness testing
FOX605 is tested for cyber security robustness by DSAC, a Device
Security Assurance Center. The test center performs a multitude
of different tests, including port scanning, network flooding,
vulnerability scanning and protocol fuzzing. This is done by using
a variety of best in class testing platforms such as Wurldtech
Achilles, Spirent Mu-8000 and Codenomicon Defensics, as well
as other complementary testing tools.
Doing these tests is one of many cyber security related measures
applied to ABB solutions to achieve utmost and state of the art
protection against malicious cyber activities. It’s however not
a guarantee for absolute protection and has to be understood
as one puzzle part of ABB’s Defence in Depth protection concept.
—Power concept
Power supply
FOX605 is a fan-less device; It can operate either with one or two inserted Power Supply Units (PSU)
1+1 Power Supply
Hot-Swap Support
Voltage range: 38.4 VDC to 72 VDC (nominal 48 V to 60 V)
Max. power consumption: 84 W (depending on PoE operation) Max. current: 1.7A
Power and Active LEDs
Power over Ethernet (PoE)
FOX605 offers PoE (up to 15.4 W) and PoE+ (up to 32.4 W) on the Ethernet copper-based ports (except management port);There are three modes for configuring how the power will be reserved on each port: Allocated Mode The user specifies the Maximum Power that each port may use. Class Mode Each port automatically determines how much power to reserve, according to the class of the connected device; There are five different port classes:
Class Use Power Range [W] Description
0 Default 0.44 – 12.94 No Classification
1 Optional 0.44 – 3.84 Very Low Power
2 Optional 3.84 – 6.49 Low Power
3 Optional 6.49 – 12.95 Mid Power
4 802.3at – Type 2
12.95 – 25.5 High Power
In this mode the Maximum Power configuration has no effect;
LLDP-MED Mode Supported
—Weight & mechanics
Weights
FOX605 Weight (kg)
FOX605 Chassis 2,52
FOX605 with two PSUs 3,26
FOX605 packed with two PSUs 3,97
FOX605 packed with two PSUs and power cables
6,27
FOX605 PSU Weight (kg)
PSU stand alone 0,37
Packed in box 0,68
—Dimensions
The FOX605 is 1U high and is designed to be installed in 19-inch racks
Model (FOX605) Height Width Depth
Without mounting brackets & connectors
43 mm 443 mm 253 mm
Incl. connectors 43 mm 443 mm 273 mm
Incl. lateral mounting brackets & connectors
43 mm 443+2x20 mm 273 mm—ABB Switzerland Ltd. Power GridsGrid AutomationBruggerstrasse 72CH-5400 Baden, Switzerland