RFL is dedicated to assisting customers with NERC CIP regulatory requirements, and currently offers a multitude of information for our products' cyber assets and customer information protection. RFL provides automatic Cyber Security Bulletin update notifications, which will save you from having to check for updates every 35 days. You will need to register for an RFL Download Account to have access to the Bulletins and other NERC CIP information.
Email us at
Customer Information Protection Policy Statement
NERC CIP - Bulk Electric System Cyber System Information (BES CSI)
RFL's product models with the ability to store BES CSI are currently the: eXmux®, GARD, IMUX and 9745 family of products. Please click here to view the Bulletin (requires logging into the Downloads space).
Cyber Security Bulletins
To download Cyber Security bulletins, you must log in with your customer account.
RFL Product Cyber Security Patch Status
You must be logged in to review the RFL Product Cyber Security Patch Status table. Please log in with your customer account below, or click here to register for a customer account.
Security Patch Status
| Product | Last Patch Firmware | Patch Description | Date |
|---|---|---|---|
| 9508 Analog | None | - | - |
| 9508D (Digital) | None | - | - |
| 9745 Teleprotection System |
None | - | - |
| 9780/9785 Powerline Carrier System |
None | - | - |
| eXmux® 3500/3500M | System Software 7.0.9512 |
Addressed Security Issue related to receiving UDP packets with port number 1024 & 1025 and length 0 | 10/1/2017 |
| eXmux® 3501/3501M IP Access Multiplexer |
System Software 7.0.9512 / 7.0.9542 |
Addressed Security Issue related to receiving UDP packets with port number 1024 & 1025 and length 0 | 10/1/2017 |
| eXmux® Family of Products | eXmux® VNMS v 10.2.0.20592 |
● Upgraded OpenSSH from OpenSSH_6.6p1, which has been identified to have multiple vulnerabilities, to OpenSSH_7.2p2, to address those vulnerabilities. ● Added the ability to enable/disable OpenSSH configuration parameters via CLI commands. ● Also added CLI legacy Mode option to support backward compatibility with OpenSSH_6.6p1. |
09/01/2023 |
| GARD 8000® Protection System with 500400 Controller | System Firmware 8.3.5 | Disable HTTP Put command on front and rear Ethernet ports | 04/01/2017 |
| GARD 8000® Protection System with 500400-1 Controller | System Firmware 8.5.2 | Disable HTTP Put command on front and rear Ethernet ports | 04/01/2017 |
| GARD 8000® Protection System with 500400-2 Controller | None | - | - |
| GARD Pro™ Protection System | System Firmware 2.6.7.203 & 2.7.7.151 |
● SNMPv3 Authentication and Privacy changes including new SNMP user account and separate privacy password. ● HTTPS certificate update including change to SHA256 encryption. ● TCP port 21 and 23 now show closed rather than filtered. ● Ping requests with timestamp now rejected. For additional non-cyber security changes, please review Bulletin PBF-020. |
10/01/2022 |
| GARD Pro® IEC 61850 Gateway |
System Firmware 3.4.14.256 |
● SNMPv3 Authentication and Privacy changes including new SNMP user account and separate privacy password. ● HTTPS certificate update including change to SHA256 encryption. ● TCP port 21 and 23 now show closed rather than filtered. ● Ping requests with timestamp now rejected. For additional non-cyber security changes, please review Bulletin PBF-020. |
03/2023 |
| IMUX 2000 T1/E1 Multiplexer |
None | - | - |
