Secure VPN access at any time. Industrial Firewalls with mobile networks

Similar documents

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

How to establish a Leased Line Connection

WAN Failover Scenarios Using Digi Wireless WAN Routers

Understand Wide Area Networks (WANs)

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

Digi Connect WAN Application Guide Using the Digi Connect WAN and Digi Connect VPN with a Wireless Router/Access Point

DATA SECURITY 1/12. Copyright Nokia Corporation All rights reserved. Ver. 1.0

Digi Connect WAN Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering

Using a VPN with CentraLine AX Systems

Uninterrupted Internet:

Enterprise Cloud Manager

Protecting the Home Network (Firewall)

CompTIA Network+ (Exam N10-005)

Network Services Internet VPN

Replication with TeraStation 3000/4000/5000/7000. Buffalo Technology

EXINDA NETWORKS. Deployment Topologies

HMS Industrial Networks. Putting industrial applications on the cloud

Sweex Wireless BroadBand Router + 4 port switch + print server

HughesNet Broadband VPN End-to-End Security Using the Cisco 87x

HOWTO: How to configure IPSEC gateway (office) to gateway

Basic ViPNet VPN Deployment Schemes. Supplement to ViPNet Documentation

ewon-vpn - User Guide Virtual Private Network by ewons

Tech-Note Bridges Vs Routers Version /06/2009. Bridges Vs Routers

Using Innominate mguard over BGAN

How To Configure SSL VPN in Cyberoam

5.0 Network Architecture. 5.1 Internet vs. Intranet 5.2 NAT 5.3 Mobile Network

Configuring Routers and Their Settings

Unified Services Routers

Chapter 3 Security and Firewall Protection

Chapter 4 Customizing Your Network Settings

Lesson 1 Quiz Certification Partners, LLC. All Rights Reserved. Version 2.0

Overview. Author: Seth Scardefield Updated 11/11/2013

How to setup PPTP VPN connection with DI-804HV or DI-808HV using Windows PPTP client

Configuring a Site-to-Site VPN Tunnel Between Cisco RV320 Gigabit Dual WAN VPN Router and Cisco (1900/2900/3900) Series Integrated Services Router

Automatic Hotspot Logon

Setting up VPN Access for Remote Diagnostics Support

For extra services running behind your router. What to do after IP change

GPRS / 3G Services: VPN solutions supported

Unified Services Routers

How to access peers with different VPN through IPSec. Tunnel

Introduction. Technology background

Using Remote Desktop Software with the LAN-Cell

Firewalls and VPNs. Principles of Information Security, 5th Edition 1

Netgear ProSafe VPN firewall (FVS318 or FVM318) to Cisco PIX firewall

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

Symantec Enterprise Firewalls. From the Internet Thomas Jerry Scott

How to Guide: StorageCraft Cloud Services VPN

Cisco Network Switches Juniper Firewall Clusters

This document describes how the Meraki Cloud Controller system enables the construction of large-scale, cost-effective wireless networks.

HMS Industrial Networks

Network Management System (NMS) FAQ

User Guide Managed VPN Router. Wireless Maingate AB. Wireless Maingate AB

Guideline for setting up a functional VPN

VPN Overview. The path for wireless VPN users

PPTP Server Access Through The

Document No. FO1004 Issue Date: Draft: Work Group: FibreOP Technical Team July 23, 2013 Final: Single Static IP Customer Owned LAN Router Support

M!DGE/MG102i. Application notes.

Cisco RV082 Dual WAN VPN Router Cisco Small Business Routers

Rohde & Schwarz R&S SITLine ETH VLAN Encryption Device Functionality & Performance Tests

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Cisco Firewall. Overview

GajShield UPTM Certification Module 4. GajShield Infotech Pvt Ltd

Vyatta Network OS for Network Virtualization

UIP1868P User Interface Guide

Application Note. Onsight TeamLink And Firewall Detect v6.3

Why Cisco Routers with SoftEther VPN Server is the Best Solution?

Appendix C Network Planning for Dual WAN Ports

SAN/iQ Remote Copy Networking Requirements OPEN iscsi SANs 1

Secure Networking for Critical Infrastructure. Ilan Barda March 2014

RAP Installation - Updated

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

How to configure your Thomson SpeedTouch 780WL for ADSL2+

TK800-Series Industrial GPRS / UMTS / LTE Router

Colt IP VPN Services Colt Technology Services Group Limited. All rights reserved.

Building integrated services intranets

Custom Integration Solutions

Secure Communication Made Easy

Truffle Broadband Bonding Network Appliance

Dan Baxter PA Senior Sales Engineer

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

Internet Privacy Options

How To Configure L2TP VPN Connection for MAC OS X client

Networking. Systems Design and. Development. CRC Press. Taylor & Francis Croup. Boca Raton London New York. CRC Press is an imprint of the

Advanced Higher Computing. Computer Networks. Homework Sheets

WHITE PAPER. Mobility Services Platform (MSP) Using MSP in Wide Area Networks (Carriers)

Cisco Certified Security Professional (CCSP)

DIR-806A. Wireless AC750 Multi-Function Router. DUAL BAND Simultaneous operation in 5GHz band and 2.4GHz band, a/b/g/n/ac compatible

Based on the VoIP Example 1(Basic Configuration and Registration), we will introduce how to dial the VoIP call through an encrypted VPN tunnel.

How To Set Up A Pploe On A Pc Orca On A Ipad Orca (Networking) On A Macbook Orca 2.5 (Netware) On An Ipad 2.2 (Netrocessor

Lab Organizing CCENT Objectives by OSI Layer

Zscaler Internet Security Frequently Asked Questions

Wireless Internet. Is an system to provide connectivity to customers to the Internet. Service Provider (WISP) TECHNICAL INFO.

Chapter 5. Data Communication And Internet Technology

Transcription:

Secure VPN access at any time Industrial Firewalls with mobile networks

Why this presentation? THE GOAL

Our goal is, that you Learn what challenges need to be mastered to get 24x7 remote access Understand what a Industrial Firewall is and what for Get all information to build a complete system and have fun listening.

Change of Requirements THE MOTIVATION

In the past Telemetrie Telemetry is a technology which makes remote sensing and remote transmission of data possible. The word is derived from Greek tele = remote, and metron of = measure. Typical Applications Energy distribution Remote monitoring Process industry Railway, weather,...

was done with Modems. Typical transmission paths HF: Analogue Radio Cable: RS-232/422/485 Phone or leased line GSM Network Characteristics Low data throughput Small update frequency Focus on data collection Very limited remote actions Specialized protocols Communication not separated from application Connection is initiated by the device in the field Point-to-point connection, no network

Telecommand and Condition Monitoring Tele command Remote action Condition Monitoring Monitoring and Predictive Maintenance Typical application: Building control, HVAC Wind turbines Locomotives Manufacturing cells

need a bi-directional 24x7 connection. The communication can be initiated by the field devices and the control center. Typical customer environments: Scenario 1: Ethernet LAN/WAN Scenario 2: Local WIFI Scenario 3: No local network Challenge The factory networks are now controlled by the company's IT Company policies must be adhered to Access Security / Security is a crucial issue Restricted access and low flexibility

Own Systems in Remote Environments THE CHALLENGES

Typical network in a manufacturing cell Factory LAN - Ethernet / IP Internet Device 1 Device 2 System

could influence other systems Factory LAN - Ethernet / IP Internet Device 1 Device 2 System

and can t be accessed remotely. Factory LAN - Ethernet / IP Internet Device 1 Device 2 System

Secure connection THE SOLUTION

Industrial Firewalls separate systems Factory LAN - Ethernet / IP Internet Device 1 Device 2 System Own network behind the Firewall Always same IP addresses Controls access: Factory lan -> System System -> factory lan

and provides safe remote access. Factory LAN - Ethernet / IP Internet Device 1 Device 2 System VPN Server System initiates connection Public IP only for the VPN server needed Bidirectional access Encrypted connection Robust against intrusion

Small and big THE IMPLEMENTATION

For one systems Factory LAN - Ethernet / IP Internet Device 1 Device 2 System Service Simple configuration Quick setup No recurring costs VPN Server

or a small number the NB1600 is sufficient Factory LAN - Ethernet / IP Device 1 Internet System Factory LAN - Ethernet / IP Device 1 Device 2 System Device 1 Factory LAN - Ethernet / IP System Device 2 Service VPN Server Up to 10(25) tunnels Network mapping, NAT or routed Redundancy option

and shows the status of all systems.

For large installations VPN Server

a cloud based appliance is preferred Owned or rented server No or nominal fee Easy installation by Image Typically 25-250 clients Routing, NAT and 1:1 NAT support Full control and no dependence on portal operators VPN Server Service Service Service

Which is easy to configure

and easy to operate. Turgi OpenVPN Yes AK2331 Bern OpenVPN Yes AK2312 Töss Mobile IP Yes KFZ 3 Windisch OpenVPN No Demo Zürich OpenVPN Yes Home Chur OpenVPN Yes AK2311 Bregenz OpenVPN Yes Demo Luzern 1 Mobile IP Yes VBL Luzern 2 Mobile IP Yes VBL Luzern 3 Mobile IP Yes VBL

Independent of the remote device type. Vehicles 1. LAN-LAN router 2. 3G/4G router 3. WiFi router 4. 3G/4G + WiFi router -> most flexible solution Railway

Thank you for your attention THE END

Contact NetModule AG Neuwiesenstrasse 37 CH-8400 Winterthur Switzerland NetModule GmbH Frankfurter Strasse 92 D-65760 Eschborn many Ralf Fachet Senior Director Sales & Marketing Mob: +49 176 62222444 Tel-CH: +41 52 20900 55 Tel-D: +49 6196 779979 5 Fax: +49 6196 779979 9 ralf.fachet@netmodule.com www.netmodule.com