The utilities sector processes confidential and valuable data. This data, which may consist of pipeline figures, electricity stations measurements, alerts on malfunctions etc. has to be moved from the point where the data originates to the point where the data is processed. Satellite communications are the ideal solution for remote installation, as these forms of communications are end to end secured. Sending this type of data via the public internet is a risk that should, and can, be avoided.
Security for utilities
Secure managed provisioning and monitoring platform
The network to be used, as well as the Closed User group, firewall settings and other configurations of the SIM card or device are controlled from the secure IBIS platform, which can also provide provisioning, monitoring and billing functionality.
Remote Terminal Manager
By optionally selecting to use the G1 Remote Terminal Manager application, customers can actively monitor their terminal’s status and location, as well as interact with the terminal to wake or sleep data sessions securely. RTM provides automated alerting functions greatly improving the response and troubleshooting time. The system also provides automated features that attempt self-healing for equipment that reports offline conditions.
Two factor authentication and other security
Both IBIS and Remote Terminal Manager are protected with 2 factor authentication and security.
Standard password management
This security applies to all internal Galaxy 1 users and can be extended to customers as well as end-users.
Closed user groups
Within the Galaxy 1 network, connectivity is provided via secure closed user groups of IP addresses. These are assigned to mobile satellite terminals via a controlled authentication method in the form of specific User Profiles configured on the terminal SIM cards.
IP traffic sourced by and destined to these terminals will be routed specifically to the Galaxy 1 Utility Network from the satellite provider’s core network. Through the use of individual VRFs their traffic is policy-routed to the owning customer’s network via established, dedicated private backhaul circuit(s). As a result, traffic from one satellite terminal has only one route through the G1 infrastructure, towards the customer demarcation point.
Through proper configuration of the BGAN terminal itself, the provisioning of the SIM card, default profile assignments, and rigid traffic routing engineering, customer terminals utilizing this specially built utility network are completely restricted from any Public Internet access.
|Commercial / Consumer Data Services|
|Physical or Virtual Connections to Internet|
|Access to Public M2M Software Update Server|
|Managed End to End Private Network|
|Private APN over Satellite|
|Direct Connection to Satellite Earth Station avoiding MVNO Colocation|
|27/7 Core Network Support Access|
|Automated Network Watchdog|
|On Staff Live 24/7 Core Network Support Access|
|Realtime Network data usage monitors|