Fijosat The development of a satellite enabled secure access device for remotely located equipment

Status
Completed
Status date
2021-10-14
Activity Code
7A.047
Objectives

The key development themes are as follows:

  • Security: - The solution meets the highest standards in terms of its encrypted connectivity using a patented secure remote access system.
  • Adaptability: - The solution is product-agnostic and it can access any client IP equipment regardless of manufacturer.
  • Cost Effectiveness: - The solution can reduce remote access and support costs by up to 85% by clearing faults remotely thus leaving engineers to deal with issues that require on-site presence only.
  • To deliver secure remote services where there is no dedicated digital line required: The solution does not require a dedicated line or dedicated VPN setup, which represents an enormous saving to our clients and their customers’ year-on-year.
  • Multiple interfaces: The product is designed to assure business continuity using multiple interfaces. The product offers, Ethernet, Cellular radio (2G, 3G, LTE) and satellite interfaces.
Challenges

The product uses the Inmarsat BGAN radio module for the satellite interface. IP device management demands a reasonably high data rate consistent with traditional ISDN-type services. This can be provided with BGAN services.

This development integrates various network access technologies, including satellite and cellular connectivity, in a single product solution providing business continuity for customers.

Benefits

The Fijosat development allows Fijowave to deliver a more versatile product into the market, thereby disrupting the incumbent companies by,

  • Reduction in installation costs 
  • Securing communications management (using Fijowave’s patented connectivity solution) 
  • Providing operational oversight and reduced cost of ownership
  • Eliminates unnecessary call-outs
  • It is simple to install
  • It is totally secure
  • It requires NO CUSTOMER intervention
  • All control decisions are made by the Fijowave Portal Appliance, which can only be interacted with through specific, secured interfaces
Features

 

  • Provides secure communications
    • TLS, SSH2, AES encryption
    • No requirements for custom firewall settings 
  • Provides Authentication and Authorization
    • Each Fijosat has a unique public key fingerprint used to authenticate it with the Portal server
    • Pre-shared public key authorizes the Portal server connection to Fijosat.
  • User account monitoring and continuous auditing 
  • Session audit trailing 
  • Scaling - Portal server can be horizontally scaled across multiple physical servers and managed internally by a private, un-routed, network, providing redundancy and geographic resilience.
     
System Architecture

The on-premises product consists of a hybrid satellite/cellular device. The main components of the product are, 

  • BGAN Radio module (INMARSAT BRM)
  • Cellular radio module (2G, 3G, LTE)
  • GNSS receiver 
  • 2 x Gigabit Ethernet ports one with PoE
  • Linux core on ARM

This device connects to the Fijowave Portal which securely manages access to the IP based equipment on the remote customer site.

Plan

•    Baseline Design Review (BDR) – November 16th 2017
•    Critical Design Review (CDR) – July 5th 2018
•    Factory Acceptance Test (FAT) – Nov 4th 2020
•    Final Report Meeting (FR) – May 27th 2021 (Part #1)

Current status

The project has been completed and the Final Review took place in June 2021.

Prime Contractor