Industrial Network Security Systems

Similar documents
Industrial Network Professional Training and Certification Program

Hirschmann. Simply a good Connection. White paper: Security concepts. based on EAGLE system. Security-concepts Frank Seufert White Paper Rev. 1.

RuggedCom Solutions for

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network

Cisco Certified Network Associate Exam. Operation of IP Data Networks. LAN Switching Technologies. IP addressing (IPv4 / IPv6)

Network Security Firewall

Industrial Security Router Overview

Gigabit Multi-Homing VPN Security Router

CCT vs. CCENT Skill Set Comparison

Gigabit Content Security Router

Stratix Industrial Networks Infrastructure At-A-Glance

JetNet 5428Gv2. Features. Industrial 24FE+4G Gigabit Managed Ethernet Switch INDUSTRIAL ETHERNET RACKMOUNT SWITCH

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0

Executive Summary and Purpose

Magnum Network Software DX

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

Industrial Ethernet Infrastructure Design Seminar

TK800-Series Industrial GPRS / UMTS / LTE Router

Emerson Smart Firewall

EdgeRouter Lite 3-Port Router. Datasheet. Model: ERLite-3. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Datasheet. Advanced Network Routers. Models: ERPro-8, ER-8, ERPoe-5, ERLite-3. Sophisticated Routing Features

: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

Building Secure Networks for the Industrial World

Network Security. Tampere Seminar 23rd October Overview Switch Security Firewalls Conclusion

48 GE PoE-Plus + 2 GE SFP L2 Managed Switch, 375W

Gigabit Multi-Homing VPN Security Router

Rail Systems for Railway Signaling and Communication

Nokia IP Security Platforms Technical Specifications Guide Nokia Enterprise Solutions

Cisco SR 520-T1 Secure Router

How To Configure L2TP VPN Connection for MAC OS X client

Recommended IP Telephony Architecture

Chapter 1 Introduction

Barracuda Link Balancer

How To Configure The Fortigate Cluster Protocol In A Cluster Of Three (Fcfc) On A Microsoft Ipo (For A Powerpoint) On An Ipo 2.5 (For An Ipos 2.2.5)

DIR-806A. Wireless AC750 Multi-Function Router. DUAL BAND Simultaneous operation in 5GHz band and 2.4GHz band, a/b/g/n/ac compatible

How To Secure Your System From Cyber Attacks

Innominate mguard Version 6

Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

ALLNET ALL-VPN10. VPN/Firewall WLAN-N WAN Router

UTT Technologies offers an effective solution to protect the network against 80 percent of internal attacks:

Cisco Networking Professional-6Months Project Based Training

TK C -25 C 95% RH EMC TK701G TK701U TK704G TK704U TK704W. TK-Series Cellular Router

Datasheet. Advanced Gigabit Ethernet Routers. Models: ER-X, ER-X-SFP. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

RGPS-7084GP-P. Industrial 12-port rack-mount managed Gigabit PoE Ethernet switch with 8x10/100/1000Base-T(X) P.S.E. ports and 4x1000Base-X, SFP socket

Chapter 2 Introduction

PCI DSS Compliance and the Digi TransPort Router

Ha-VIS FTS 3000 Introduction and features

1- and 2-Port Fast Ethernet High-Speed WAN Interface Cards for Cisco 1841, 2800, and 3800 Series Integrated Services Routers

Industrial Ethernet Cable Solutions

Barracuda Link Balancer Administrator s Guide

Gigabit SSL VPN Security Router

20 GE + 4 GE Combo SFP G Slots L3 Managed Stackable Switch

BRC-W14VG-BT Wireless BitTorrent Download Router

"Charting the Course...

Cisco Certified Security Professional (CCSP)

AC 750. Wireless Dual Band ADSL2+ Modem Router. Highlights

Quick Start Guide. WRV210 Wireless-G VPN Router with RangeBooster. Cisco Small Business

Cisco RV220W Network Security Firewall

WAN Failover Scenarios Using Digi Wireless WAN Routers

Apple Airport Extreme Base Station V4.0.8 Firmware: Version 5.4

Implementing Core Cisco ASA Security (SASAC)

How To Set Up A Cisco Rv110W Wireless N Vpn Network Device With A Wireless Network (Wired) And A Wireless Nvv (Wireless) Network (Wireline) For A Small Business (Small Business) Or Remote Worker

Hirschmann Switch-Tuning: The new Gigabit OpenRail.

Solutions Guide. Secure Remote Access. Allied Telesis provides comprehensive solutions for secure remote access.


TABLE OF CONTENTS NETWORK SECURITY 1...1

Skills Assessment Student Training Exam

AC Wireless Dual Band ADSL2+ Modem Router. Highlights

Cisco Certified Network Associate (CCNA) 120 Hours / 12 Months / Self-Paced WIA Fee: $

How To Use A Cisco Wvvvdns4400N Wireless-N Gigabit Security Router For Small Businesses

Cisco RV215W Wireless-N VPN Router

Implementing Cisco IOS Network Security

AC 750. Wireless Dual Band 4G LTE Router. Highlights

WS 2000 Wireless Switch. System Reference

Unified Services Routers

CISCO IOS NETWORK SECURITY (IINS)

Interconnecting Cisco Networking Devices: Accelerated (CCNAX) 2.0(80 Hs) 1-Interconnecting Cisco Networking Devices Part 1 (40 Hs)

EtherDevice Switch EDS-726 Series

DCRS-5650 Dual Stack Ethernet Switch Datasheet

P330-ML Version 4.5 Release Notes

AC 750. Wireless Dual Band ADSL2+ Modem Router. Highlights

Cisco RV082 Dual WAN VPN Router Cisco Small Business Routers

TABLE OF CONTENTS NETWORK SECURITY 2...1

Comtrend 1 Port Router Installation Guide CT-5072T

Cisco RV110W Wireless-N VPN Firewall

Cisco Certified Network Expert (CCNE)

Loop-IP6510 Multiple WAN Router/Bridge

T46 - Integrated Architecture Tools for Securing Your Control System

How To Learn Cisco Cisco Ios And Cisco Vlan

ENHWI-N n Wireless Router

SonicWALL Global Management System Configuration Guide Standard Edition

1Industrial Ethernet Switch

Connectivity solutions for transport automation

SonicOS 5.9 / / 6.2 Log Events Reference Guide with Enhanced Logging

Securing Networks with PIX and ASA

Cisco RV220W Network Security Firewall

Transcription:

Industrial Network Security Systems Firewall solutions uniquely designed and certified to protect your assets in hardened industrial conditions.

Belden s Industrial Network Security Systems are Designed to Protect Your Assets. No business or industry is safe from attack. Whether intentional or accidental, threats can come at the hands of internal personnel or external hackers. Either way, an unprotected network puts your enterprise at risk. Firewalls represent an indispensable tool While industrial-grade switches and routers provide many security features, you need industrial firewalls to control communication between devices and secure communication across the entire network. for network security. Page EAGLE One Industrial Firewall/VPN Router System 3 Tofino Xenon Security Appliance 4 EAGLE20/30 Multiport Industrial Firewall System 5 You can depend on us to keep your critical infrastructure secured by Industrial Network Systems from Belden. 2

EAGLE One Industrial Firewall/VPN System The Gold Standard for Industrial Firewalls Key Benefits Layer 2 and Layer 3 stateful inspection firewall. Helps you segment your network for powerful defense-in-depth protection. Redundant backbone network connections for production cells. Easily connect to the backbone via Network Address Translation (NAT) and Router Redundancy and engage the innovative Firewall Learning Mode (FLM) for smooth start-up based on recognized network traffic patterns. Safe and cost-effective protection of automation networks. Supports static IPv4 routing and Fast Ethernet (10/100 Mbits/s) ports, either fiber or copper Operates transparently to redundancy methods (RSTP and Hirschmann Redundant Ring Coupling in Layer 2 mode) Offers both router redundancy with stateful packet inspection and NAT failover in Layer 3 mode Supports multiple transmission and encryption standards, including PPPoE, PPP for modem dial-up, IKEv1/v2, IPsec and NAT Integrates easily into remote service concepts, enabling you to control VPN connections via digital input User-friendly configuration and diagnostic options. Graphical User Interface works with other Hirschmann tools such as Industrial HiVision, HiView and HiDiscovery, making the EAGLE One the most desirable configuration and diagnostic industrial security appliance the market has to offer. Built to withstand harsh industrial environments. Certified by Germanischer Lloyd for offshore and renewable energy use and compliant with IEC 61850-3 for substations and ATEX and ISA 12.12.01 HazLoc for potentially explosive operations. Target Applications Electrical substations Power transmission and distribution Renewable energy offshore platforms, wind farms Transportation road, rail, shipping Mechanical and plant engineering Oil & gas operations 3

Tofino Xenon Security Appliance Advanced Firewall Designed Especially for Industrial Control Network Protection Key Benefits Layer 2 security appliance, not just a firewall. Prevents problems inside a network from proliferating and spreading around the network and acts as a bridge so engineers don t have to make major IP address and network changes as with other router security devices. Advanced filtering and firewalling with a technology called Deep Packet Inspection (DPI). Identifies and distinguishes different data types to determine what will be allowed to pass; available for the most common protocols, including EtherNet/IP, Modbus, OPC. Designed for minimal disruption. Two things accomplish this: Arrives in a passive mode. Undetectable to the network until your controls engineer configures it; can be added to a running network without shutdown Offers a Test Mode. Enables your engineer to test firewall rules without actually affecting the network Built to withstand harsh industrial environments. Certified by Germanischer Lloyd for offshore and renewable energy use and compliant with IEC 61850-3 for substations and ATEX and ISA 12.12.01 HazLoc for potentially explosive operations. Target Applications Electrical substations Power transmission and distribution Renewable energy offshore platforms, wind farms Oil & gas operations Mechanical and plant engineering Transportation road, rail, shipping 4

EAGLE20/30 Multiport Industrial Firewall System Advanced Security Features and Built-in HiSecOS Software Eliminate the Need for Multiple Routers Key Benefits Multiple ports offer high flexibility and cost saving. Comes with up to 8 ports, including 2 x Gigabit, 4 x Fast Ethernet and 2 x SHDSL, to allow you to use a single device for multiple purposes like firewalling with Fast Ethernet ports, filtering with Gigabit ports and WAN communication using SHDSL ports. Ruggedized design for every Industrial application. Fanless design and extended temperature range approved for almost all industrial environments so you can put this Layer 3 firewall anywhere near the control systems. External Interfaces for fault finding and recovery. Additional interfaces like USB, SD Card, V.24, Digital I/O, etc. allow faster fault finding and make it possible to revert to normal state by using backward files and logs saved on the device through external interfaces. Defense in Depth at Layer 3 by combining Filtering and Deep Packet Inspection. Uses Stateful Packet Inspection (SPI) and ACLs to protect your network from any unauthenticated source; uses Deep Packet Inspection to analyze each packet and allow only authenticated packets to pass through the network. NAT (Network Address Translation). EAGLE20/30 is used with NAT to define duplicate address range for similar production cells. Target Applications Automotive Machine building Process automation Transportation Water/wastewater Food and beverage General manufacturing Oil and gas operations Energy Custom interface environments LAN, SHDSL, cellular LTE (4G)/3G 5

Firewall Features at a Glance Type EAGLE One Tofino Xenon EAGLE20/30 Physical Number of 100Mb/s Ports 2 2 4 Number of 1Gb/s Ports 2 Serial Port 3 3 3 Redundant Power Supply 3 3 3 Relay Contact 3 3 3 Digital Input 3 3 ACA20 (USB) 3 3 3 ACA30 (SD) 3 Voltage 9.6 to 60 V DC, 18 to 30 V AC 9.6 to 60 V DC, 18 to 30 V AC 18 to 60 V DC, 48 to 320 V DC, 88 to 265 V AC Operating Temperature 0 C to +60 C, -40 C to +70 C 0 C to +60 C, -40 C to +70 C 0 C to +60 C, -40 C to +70 C Dimensions (W x H x D) 60 x 145 x 125 mm 60 x 145 x 125 mm 98 x 164 x 120 mm Weight 660 g 600 g 1500 g Protection Class IP20 IP20 IP30 Certifications cul508 3 3 3 Germanischer Lloyd 3 3 3 EN 60950 3 3 3 EN 61850-3 3 3 3 IEEE 1613 3 3 3 ISA-12.12.01 Class 1 Div 2 3 3 3 NEMA TS 2 3 EN 50121-4 3 3 3 Firewall Stateful Packet Inspection Firewall 3 3 3 Layer 3 Firewall 3 3 Layer 2 Firewall 3 3 3 (ACLs only) Firewall Rules Using IP 3 3 and MAC Addresses in the Same Rule User Firewall Accounts 3 Access Control Lists 3 Configurable Default Policy (Accept/Drop/Reject) 3 Denial of Service Prevention 3 3 3 Rate Limiting 3 3 3 Firewall Learning Mode 3 3 3 Deep Packet Inspection 3 3 Preconfigured Rules for Industrial Protocols 3 Preconfigured Rules for Industrial Devices 3 Asset-based Firewall Configuration 3 Time NTP Client/Server 3 3 SNTP Client/Server 3 NAT 1:1 NAT 3 3 Port Forwarding 3 3 IP Masquerading 3 3 Double NAT 3 Security User Management 3 3 Password Policy 3 Limited Login Attempts 3 SNMP v1/2/3, HTTPS, SSH 3 3 HTTPS Certificate Import via Web Interface 3 6

Type EAGLE One Tofino Xenon EAGLE20/30 Security (continued) RADIUS Authentication 3 3 Encrypted Configuration File 3 Persistent Log Files 3 3 3 Login Banner 3 3 Editable CLI Prompt 3 IP Access Restriction SSH/HTTPS/SNMP 3 3 Operation without IP Address Switch VLANs 3 Static MAC Addresses 3 Configurable Aging Timer 3 Prioritization 3 802.1D/p Mapping 3 Router Static Routing 3 3 Port Based Routing 3 3 VLAN Based Routing 3 3 Secondary IP Interface Addresses/Multinetting 3 3 VRRP 3 OSPF 3 PPPoE 3 VPN IPSec VPNs 3 3 OpenVPN Redundancy Layer 2 Redundancy 3 3 Router Redundancy 3 Logging Event Log 3 3 3 Syslog 3 3 3 Audit Trail 3 Management Industrial HiVision 3 3 Central Management Platform 3 Multiple Device Simultaneous Configuration 3 3 SNMP Traps 3 3 LLDP 3 3 Port Statistics 3 3 Port Configuration Check 3 3 Configuable Device Status Levels 3 3 Self Tests 3 3 Device Status Alarm 3 3 HiDiscovery 3 3 Management VLAN 3 3 Undo Modification of Changes 3 3 Multiple Stored Configuration Files 3 3 Automatic Software Updates 3 Port Auto Power Down 3 Store Two Versions of Firmware 3 3 Servers DHCP Server 3 DHCP Relay Agent 3 DNS Server 3 3 DynDNS 3 7

www.beldensolutions.com GLOBAL LOCATIONS For more information, please visit us at: www.beldensolutions.com UNITED STATES CANADA EUROPE/MIDDLE EAST/AFRICA ASIA-PACIFIC Division Headquarters Americas 2200 U.S. Highway 27 South Richmond, IN 47374 Phone: 765-983-5200 Inside Sales: 800-235-3361 Fax: 765-983-5294 info@belden.com www.belden.com Belden 2200 U.S. Highway 27 South Richmond, IN 47374a Inside Sales: 1-800-BELDEN-1 (1-800-235-3361) Phone: 765-983-5200 Fax: 765-983-5294 info@belden.com Industrial Networking (Hirschmann/GarrettCom/ Tofino Security) 255 Fourier Ave. Fremont, CA 94539, USA Phone: 510-438-9071 Fax: 510-952-3456 www.belden.com gciepofr@belden.com National Business Center 2280 Alfred-Nobel Suite 200 Saint-Laurent, QC Canada H4S 2A4 Phone: 514-822-2345 Fax: 514-822-7979 LATIN AMERICA and the CARIBBEAN ISLANDS Regional Office 6100 Hollywood Boulevard Suite 110 Hollywood, Florida 33024 Phone: 954-987-5044 Fax: 954-987-8022 salesla@belden.com Division Headquarters EMEA Edisonstraat 9 5928 PG Venlo, 5900 AA, Postbus 9 The Netherlands Phone: +31-773-878-555 Fax: +31-773-878-448 venlo.salesinfo@belden.com www.beldensolutions.com Regional Offices Manchester International Office Centre, Suite 13 Styal Road Manchester M22 5WB United Kingdom Phone: +44-61-4983749 Fax: +44-161-4983762 manchester.salesinfo@ belden.com Location Neckartenzlingen Stuttgarter Straße 45-51 72654 Neckartenzlingen Germany Phone: +49-(0)-712714-0 Fax: +49-(0)-7127/14-1313 inet-sales@belden.com Division Headquarters APAC 7/F Harbour View 2 16 Science Park East Avenue Hong Kong Science Park Shatin, Hong Kong Phone: 852-2955-0128 Fax: 852-2907-6933 hongkong.sales@belden.com Regional Offices Unit 301 No. 19 Building, 1515 Gu Mei Road Caohejing High-tech Park Shanghai 200233 People s Republic of China Phone: 021-54452388 Fax: 021-54452366/77 hongkong.sales@belden.com 101 27 International Business Park #05-01 iquest @ IBP Singapore 609924 Phone: 65-6879-9800 Fax: 65-6251-5010 singapore.sales@belden.com Belden, Belden Sending All The Right Signals, GarrettCom, Hirschmann, Lumberg Automation, Tofino Security, Tripwire and the Belden logo are trademarks or registered trademarks of Belden Inc. or its affiliated companies in the United States and other jurisdictions. Belden and other parties may also have trademark rights in other terms used herein. Copyright 2016, Belden Inc. INDUSTRIAL-NETWORK-SECURITY-SYSTEMS_BR_INIT_MBB_0516_E_EMEA

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information