Secure products
Our products feature both high-performance electronics and cryptographic hardware to provide in-depth security. This makes Sprecher one of the pioneers of IT security within the energy automation sector.
The defence-in-depth principle is implemented consistently in SPRECON products. All levels within the system – from the deepest operating system functions and remote maintenance interfaces to secure web interfaces and encrypted communication connections – contain various, integrated security features:
- Security features implemented according to IEC 62351, IEC 62443, ISO 15408 Common Criteria and BDEW Security Whitepaper standards
- Process data transmitted securely via VPN tunnelling using OpenVPN or IPsec
- Built-in firewall
- Encryption directly in the CPU – no additional devices are necessary
- Endpoint authentication and password encryption
- Connection to RADIUS/LDAP (Directory Services) and local access management for access from an out-of-band network
- Secure access for commissioning and service through Role-Based Access Control (RBAC) in the service program and web server
- System hardening by deactivating unnecessary services, ports or web servers as well as via a secure Transport Layer Security (TLS) connection
- Network monitoring (security logging) using Syslog and SNMPv3
- Network segmentation using VPN, VLAN, firewall and independent physical interfaces
- Malware protection via in-house firmware and application whitelisting
- Intrusion detection & prevention system
- Integrity protection & firmware verification
Security measures are verified time and again through regular internal and external audits, which is why many domestic and international customers trust secure SPRECON products for their operations.