The SEL-3610 is an EIA-232, EIA-422, or EIA-485 serial-to-serial and Ethernet-to-serial cryptographic port server. The SEL-3610 increases the amount of available serial ports to communications processors and computers and allows serial products to communicate securely through Ethernet networks. The SEL-3610 tunnels serial data over an Ethernet connection using Secure Shell (SSH), Telnet, Modbus, or raw Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) encapsulation. The SEL-3610 provides highly flexible byte- or bit-based serial and Ethernet port mappings and can filter based on which connections listen or transmit. The device can be configured to establish virtual bonds between one or more logical Ethernet ports and one or more physical serial ports. The SEL-3610 supports enhanced security, enabling you to protect critical cyberassets with strong multifactor authentication technologies, such as RSA SecurID, using Remote Authentication Dial-In User Service (RADIUS).
The SEL-3610 supports NERC CIP v3 and v5 compliance efforts without needing Technical Feasibility Exceptions (TFEs). The SEL-3610 resists known and unknown malware attacks with exe-GUARD embedded antivirus technology. Powerful rootkit resistance, embedded Linux mandatory access controls, and process whitelisting help mitigate attacks against the SEL-3610 itself and eliminate costly patch management and antivirus signature updates.
The SEL-3610 supports SEL-5827 Virtual Connect Client and SEL-5828 Virtual Port Service Software. These applications are provided for free by SEL to make remote SEL-3610 ports available for existing software and terminal applications on your PC, including those using Modbus TCP/RTU.
Serial Port Expansion—Add 17 EIA-232/-422/-485 remote serial ports to computers and SEL-3530 Real-Time Automation Controllers (RTACs) via Ethernet connections. Restrict all access to unconfigured logical and physical ports.
Serial-to-Ethernet Transceiver—Expand your protocol compatibility by converting serial DNP3 and Modbus to the Ethernet DNP3 TCP or UDP and Modbus TCP on the fly. Establish an Ethernet connection using SSH Telnet, TCP, or UDP encapsulation to create a persistent tunnel between a logical Ethernet port and a physical serial port. The device can also convert most bit-based protocols (Conitel, Tejas, Van Comm, etc.) to Ethernet to help replace analog links without disrupting existing systems.
Secure Access to Intelligent Electronic Devices (IEDs)—Configure a serial or Ethernet port as a master port for secured and authenticated transparent access to devices connected to the SEL-3610. The SEL-3610 logs user access to connected devices for greater security and accountability.
Centralized Security—Manage user accounts and group memberships centrally using Lightweight Directory Access Protocol (LDAP)-accessible systems, such as the Microsoft Active Directory service, or by using the RADIUS functionality to enable multifactor authentication technology, such as RSA tokens. Track actual or attempted access to the SEL-3610. Log and store up to 60,000 configuration settings, changes, and events locally, or send unlimited logs remotely with Syslog.
Lamp test button
Ethernet link status LEDs
Serial RX/TX LEDs
System status indication LEDs
Front Ethernet port
Rear Ethernet ports
IRIG-B input/output BNC ports
16 DB-9 EIA-232/-422/-485 software-selectable serial ports with IRIG-B and 5 V power on Pin 1
Isolated COM Port 17
Serial Port Expansion
Add 17 remote serial ports to computers and RTACs via Ethernet connections. Restrict all access to unconfigured logical and physical ports. Encapsulate serial data in Ethernet Telnet, SSH, Modbus TCP, TCP, or UDP protocols.
Analog Bit-Based Protocol Conversion
Transform Conitel and other bit-based protocols to Ethernet, and reduce reliance on expensive analog circuits.
Master Port Functionality
Configure a serial or Ethernet port as a master port for secured, authenticated access to devices connected to the SEL-3610. The SEL-3610 logs user access to connected devices for greater security and accountability.
Highly Configurable Serial Mappings
Provide highly granular network configurations with a variety of serial-to-serial, serial-to-Ethernet, point-to-point, and point-to-multipoint mappings. Filter data based on which connections listen or transmit.
Manage user accounts and group memberships centrally using LDAP-accessible systems, such as Microsoft Active Directory, or use RADIUS. Using RADIUS allows you to enhance security with multifactor authentication, such as RSA SecurID.
Seamless Modbus RTU to Modbus TCP Conversion
Configure the SEL-3610 to act as a Modbus protocol transceiver, and allow Modbus serial devices to communicate with Modbus TCP products. Modbus conversions are applicable in one-to-one and one-to-many architectures.
Track actual or attempted access to the SEL-3610. Log and store up to 60,000 configuration settings, changes, and events locally, or send unlimited logs remotely with Syslog.
Accurate Time Synchronization
Synchronize timing information from the SEL-3610 using IRIG-B for synchrophasor-accurate timing and Network Time Protocol (NTP) over Ethernet for granular logging and event timing.
Exe-GUARD Whitelist Antivirus
Protect against known and unknown malware with embedded whitelist antivirus. Reduce patch cycles and resist zero-day attacks without additional settings.
Virtual Software Client Support
Transform unsecured serial or legacy Ethernet communications on Windows computers to cryptographically secure channels by using SEL-5827 or SEL-5828. These applications are provided for free by SEL to make remote SEL-3610 ports available for existing software and terminal applications on your PC, including those using Modbus TCP/RTU. Data are secured using SSH with SEL-3610 port groups, master ports, and serial ports.