Korenix Embedded Systems



Similar documents
Korenix Your Embedded Networking & Computing Partner

Chapter 1 Overview. JetBox Industrial Communication Computer

EdgeRouter Lite 3-Port Router. Datasheet. Model: ERLite-3. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Datasheet. Advanced Network Routers. Models: ERPro-8, ER-8, ERPoe-5, ERLite-3. Sophisticated Routing Features

Advanced Network Routers. Datasheet. Model: ERLite-3, ERPoe-5. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

An Embedded Wireless Mini-Server with Database Support

Datasheet. Advanced Gigabit Ethernet Routers. Models: ER-X, ER-X-SFP. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

IOVU-571N ARM-based Panel PC

Load Balance Router R258V

Networking. Systems Design and. Development. CRC Press. Taylor & Francis Croup. Boca Raton London New York. CRC Press is an imprint of the

Chapter 1 Personal Computer Hardware hours

CompTIA Network+ (Exam N10-005)

Network System Design Lesson Objectives

Essential Curriculum Computer Networking 1. PC Systems Fundamentals 35 hours teaching time

RuggedCom Solutions for

TK800-Series Industrial GPRS / UMTS / LTE Router

Quidway AR 18-1X Series Router Datasheet

OpenWRT - embedded Linux for wireless routers

Who s Endian?

Secure IP Address Management Layer 2 Network Access Control Solution

Protecting and controlling Virtual LANs by Linux router-firewall

Datasheet. Enterprise Gateway Router with Gigabit Ethernet. Models: USG, USG-PRO-4. Advanced Security, Monitoring, and Management

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

Data Sheet. DPtech Anti-DDoS Series. Overview

Sistemi ad agenti Principi di programmazione di sistema

Firewall Defaults and Some Basic Rules

Feature catalog. Q1-Q MikroTik RouterOS

WANic 800 & or 2 HSSI ports Up to 52 Mbps/port. WANic 850 & or 2 T3 or E3 ports Full-speed CSU/DSU. WANic 880.

High-performance VoIP Traffic Optimizer Client Solution

Technology Training Limited Module Portfolio for Customised Courses

ealize Your Potential AR200 Series Enterprise Routers Brochure

Rcore Embedded Software Platform

Networking Basics for Automation Engineers

RouterBOARD product overview. September, Gon Tel: +44 (0) Fax: +44 (0)

Cisco Certified Network Associate (CCNA) 120 Hours / 12 Months / Self-Paced WIA Fee: $

Digi Connect WAN Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering

Custom Integration Solutions

"Charting the Course...

Gigabit Content Security Router

JOB READY ASSESSMENT BLUEPRINT COMPUTER NETWORKING FUNDAMENTALS - PILOT. Test Code: 4514 Version: 01

WAN Failover Scenarios Using Digi Wireless WAN Routers

TK C -25 C 95% RH EMC TK701G TK701U TK704G TK704U TK704W. TK-Series Cellular Router

UTT Technologies offers an effective solution to protect the network against 80 percent of internal attacks:

NCC Blade Network Communication Controller

NR50. Niveo Professional Multi WAN load balancing VPN router

Sistemas Arbor Box PC Rango extendido de Temperatura

XP5620. Fee Computer / Validator. The new generation of touch screen Fee Computer

Networking 4 Voice and Video over IP (VVoIP)

SSVVP SIP School VVoIP Professional Certification

Issue 10 / IT Infrastructure Industrial Firewall, 3G and VPN Router

How To Learn Cisco Cisco Ios And Cisco Vlan

150Mbps Wireless N Mini Pocket Router

Your Best Connection. LTE/HSPA+/UMTS/CDMA/EDGE/GPRS Cellular Router Technology. for Cellular Solutions. Designed for M2M Applications

ealize Your Potential AR150 and AR200 Series Enterprise Routers

Advanced Higher Computing. Computer Networks. Homework Sheets

COMPUTING INDUSTRIAL EMBEDDED RUGEDIZED 19 INDUSTRIE PC

Securing Your Network with pfsense. ILTA-U Dale Qualls Pattishall, McAuliffe, Newbury, Hilliard & Geraldson LLP dqualls@pattishall.

VPN. Date: 4/15/2004 By: Heena Patel

QuickSpecs. HP Compaq t5525 Thin Client. Overview

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

Interconnecting Cisco Networking Devices: Accelerated (CCNAX) 2.0(80 Hs) 1-Interconnecting Cisco Networking Devices Part 1 (40 Hs)

Security appliances with integrated switch- Even more secure and more cost effective

Gigabit Multi-Homing VPN Security Router

Multi-Homing Dual WAN Firewall Router

NETWORK SECURITY (W/LAB) Course Syllabus

Firewall VPN Router. Quick Installation Guide M73-APO09-380

TABLE OF CONTENTS NETWORK SECURITY 1...1

Networking Technology Online Course Outline

How To Configure L2TP VPN Connection for MAC OS X client

Huawei One Net Campus Network Solution

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

Failsafe WAN, VoIP, IVRS & LAN connectivity

LAN M2M Device. AddPac Technology. 2014, Sales and Marketing.

QoS VPN Router.

Unified Services Routers

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

150Mbps Wireless N Mini Pocket Router

Specialized Programme on Internetworking Design and LAN WAN Administration

QuickSpecs. Models HP MSR Open Application Platform (OAP) with VMware vsphere MIM Module

Uniport appliances For corporate networks and operators

by Kaleem Anwar, Muhammad Amir, Ahmad Saeed and Muhammad Imran

IT-AD08: ADD ON DIPLOMA IN COMPUTER NETWORK DESIGN AND INSTALLATION

Firewall Defaults, Public Server Rule, and Secondary WAN IP Address

Course Contents CCNP (CISco certified network professional)

Solutions Guide. Secure Remote Access. Allied Telesis provides comprehensive solutions for secure remote access.

YOUR BEST CONNECTION. HSPA+/UMTS/CDMA/EDGE/GPRS Cellular Router Technology FOR CELLULAR SOLUTIONS. Designed for M2M Applications

Interconnecting Cisco Networking Devices, Part 2 **Part of CCNA Route/Switch**

Network connectivity controllers

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

Configuration Example

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

Vyatta Network OS for Network Virtualization

COURSE AGENDA. Lessons - CCNA. CCNA & CCNP - Online Course Agenda. Lesson 1: Internetworking. Lesson 2: Fundamentals of Networking

WBS210/WBS510 Datasheet

IT 3202 Internet Working (New)

Virtualised MikroTik

Gigabit Multi-Homing VPN Security Router

HughesNet Broadband VPN End-to-End Security Using the Cisco 87x

Transcription:

Korenix Embedded Systems White Paper: Industrial Router Firewall and VPN Platform 1

White Paper: Industrial Router Firewall and VPN Platform Building Scalable and Secure Networks For today s Industrial Control and communications applications, the networks allowing these systems to be controlled and communicate are growing larger and more complex. Designing a network built on embedded systems technology requires that the embedded platform be robust, secure and manageable as commercial and management networks converge with industrial control and communications systems. The purpose of this white paper is to give an overview of the hardware features of the Korenix JetBox 9500 series, and how it can be implemented as an industrial embedded platform to facilitate the requirements of complex networks that require industrial grade routers, firewalls and VPN servers Why Industrial and When to Use Environmental conditions, reliability and available power are the key consideration in whether to use an industrial grade network device over a commercial grade. Some key considerations in the selection are as follows: - Temperature control : Commercial grade equipment typically needs to be housed in a clean, temperature controlled environment. The JetBox 9500 series is designed with extended temperature components, no moving parts or fans, allowing them to operate under harsher conditions than a commercial grade device. Another important consideration is in many application power outages can effect the temperature control of the devices operating environment, in this situation an industrial grade device is a better option than one which is commercial grade - Air quality and circulation : Since the JetBox 9500 series is fanless, air flow is not circulation in or around the electronic components inside the device. In the case of an environment where there is dust or high humidity, an industrial platform is ideal as the electronics components will not be exposed to dust or condensation that might effect the performance over time - Project Lifecycle and long MTBF: since the JetBox series has an ingress protection rating of IP31 and no moving parts, the MTBF is much higher than a commercial grade device. This in turn makes it ideal for a project requiring a longer lifecycle, such as 3 5 years, in which case a commercial grade device MTBF would be exceeded. - Wide operating voltage: the wide operating voltage of the JetBox series means that in some applications where a power system is already installed the JetBox series devices can be easily installed and implemented into the system. The low power consumption of these devices also makes them ideal for solar applications. 2

Why Jetbox 9500 series All of the JetBox 9500 series use the Intel RISC IXP430 processor. For extreme temperature applications there is an extended operating temperature model using the Intel RISC IXP435 processor. The hardware specification at a glance is as follows: JetBox 9562 4-Port Serial & 5-Port PoE Embedded Networking Platform Ideal for in-vehicle applications Linux ready Intel IXP430 processor 4-port PoE with 12~24V input voltage 4 serial ports Linux, JavaVM computing Optional wireless connection JetBox 9530 5-Port PoE Embedded Networking Platform Ideal for Industrial applications - Rugged, compact with DIN rail mounting Linux ready Intel IXP430 processor 4-port PoE Linux, JavaVM computing PCI-104 scalable board design and enclosure expansion available Optional WLAN, WiMax JetBox 9535 9-Port PoE Embedded Networking Platform Ideal for Industrial applications - Rugged, compact with DIN rail mounting Linux ready Intel IXP430 processor 8-port PoE Linux, JavaVM computing PCI-104 scalable board design and enclosure expansion available Optional WLAN, WiMax JetBox 9560 5-Port Vehicle PoE Embedded Networking Platform Ideal for in-vehicle applications Linux ready Intel IXP430 processor 4-port 12~24V vehicle PoE Linux, JavaVM computing Optional wireless connection 3

Network Appliance Applications OSI Layer 3 Breakdown 4

Router Routers are used for interconnecting subnets through WANs or the internet allowing departments, field sites and offices to be bridged. This could be to interface management and process automation data system or even VoIP services. Depending on network topology WAN interface of the JetBox 9500 series could connect to Wifi, WiMax, ADSL, E1/T1, Metro Ethernet, SDH/SONET CPE. The diagram below illustrates how multiple sites with different subnets can be networked via a WAN or the Internet. For this example we have suggested that in the case of an oil field or electrical substation, the environmental conditions would require that an industrial grade router such as the JetBox 9500 series be used. By default, the JetBox 9500 series come with open source embedded Linux installed that includes the open source Linux router application. Linux router can be configured through a pre-installed web interface (Webmin see below) to support layer 3 routing protocol such as RIP, OSPF, ISIS, BGP, DVMRP Alternatively a router application could be designed that could run on Linux. The JetBox 95xx comes pre-installed with Java VM 5

(Virtual Machine) allowing a Java based routing application to also be used. On the LAN facing side of the JetBox 9530 there are 4 PoE (Power over Ethernet ports), and on the JetBox 9535 there are 8 PoE (Power over Ethernet) ports. Using PCI-104 additional Ethernet ports can be added, along with RS232/422/485 ports on expansion cards allowing networking over different physical layers. 6

Firewall In today s industrial networking environments for both private and public sector applications, security threats from inside and outside networks present a problem the functioning of the network. While a small degree of security is introduced by sub netting the networks, the best way to protect each subnet from malicious attacks is to install a firewall to analyze and control incoming and outgoing data. The JetBox 9500 series is the ideal platform for building an industrial firewall. The firewall functionality can run along side the router functionality, while providing additional security to the network. By default the JetBox 9500 has Linux installed which includes the IPTABLES firewall application, alternatively a custom Linux based firewall application can be used. The JetBox 9500 also support Java VM (virtual machine) allowing for easy development of a java based firewall application. On the LAN facing side of the JetBox 9530 there are 4 PoE (Power over Ethernet ports), and on the JetBox 9335 there are 8 PoE (Power over Ethernet) ports. Using PCI-104 additional Ethernet ports can be added, along with RS232/422/485 ports on expansion cards allowing networking over different physical layers. 7

VPN Server In a situation where multiple subnets or devices on a network that a separated by a WAN/Internet, the ideal technology to use is VPN (Virtual Private Networking). This allows secures tunnels to be opened across the WAN that can be configured to be only access to particular subnets or particular devices on a subnet. The diagram below shows a VPN architecture: The JetBox 9500 series is the ideal platform for building an industrial VPN Server. The VPN Server functionality can run along side the router and firewall functionality, while providing VPN tunnelling to WAN/LAN separated devices, subnets, or particular devices on a subnet that are part of a virtual private network. By default the JetBox 9500 has Linux installed which includes the OPENVPN VPN server application, alternatively a custom Linux based VPN Server application can be used. The JetBox 9500 also support Java VM (virtual machine) allowing for easy development of a java based VPN server application. On the LAN facing side of the JetBox 9530 there are 4 PoE (Power over Ethernet ports), and on the JetBox 9335 there are 8 PoE (Power over Ethernet) ports. Using PCI-104 additional Ethernet ports can be added, along with RS232/422/485 ports on expansion cards allowing networking over different physical layers. 8

Operating System and Software Specification Embedded Linux Bootloader: JetBox bootloader Linux Kernel: 2.6.20 Shell: GNU ash File system: jffs2, NFS, Ext2, Ext3, VFAT, FAT Device drivers: SD card, CF card, USB, Watchdog timer, UART, Ethernet, DIO Protocol: ARP, PPP, CHAP, IPv4, IPv6, PAP, ICMP, TCP, UDP, NFS, RIP, RIP-II, OSPF, ISIS, BGP, DVMRP, L2TP, PPTP, SLIP, VLAN, IPsec, OpenVPN Software packages: busybox (telnetd, inetd, udhcp), e2fsprongs, i2c-tools, ltp-testsuite, microcom, mtd, pciutils, setserial, usbmount,usbutils, bridge-utils, ethtool, iptables, net-snmp, ntp, openssh, openssl,openvpn, openswan, pppd, pptp-linux, proftpd, samba, smtpclient, bind, l2tp, mrouted, quagga, wireless-tools, jamvm, syslogd, udhcp, goahead web server JavaVM Korenix Linux auto-run function Customized configuration Process monitoring SDK Linux tool chain: Gcc (C/C++ PC cross compiler), uclibc Linux sample code Note: Please check products page, for datasheets and latest OS support information 9

Ordering Information JetBox 9530 Intel IXP430 667MHz, 48V DC, 128MB DDR2 RAM JetBox 9530-w Intel IXP435 667MHz, 48V DC, 128MB DDR2 RAM, -40~80oC JetBox 9535 Intel IXP430 667MHz, 48V DC, 128MB SDRAM JetBox 9535-w Intel IXP435 667MHz, 48V DC, 128MB DDR2 RAM, -40~80oC JetBox 9560 Intel IXP430 667MHz, 12~24V DC, 128MB DDR2 RAM JetBox 9560-w Intel IXP435 667MHz, 12~24V DC, 128MB DDR2 RAM, -40~80 JetBox 9562 Intel IXP430 667MHz, 12~24V DC, 128MB DDR2 RAM, 4 RS232/422/485 JetBox 9562-w Intel IXP435 667MHz, 12~24V DC, 128MB DDR2 RAM, -40~80, 4 RS232/422/485 External Links Webmin Linux Router IPTABLES OpenVPN http://www.webmin.com/ http://www.linuxrouter.org/ http://www.netfilter.org/ http://www.openvpn.net/ About Korenix Korenix Embedded Solutions offers the feature rich JetBox range that are the ideal platform for industrial networking and communications using super reliable RISC processors, with our embedded systems designed by industrial electronics experts for deployment in the harshest environments. Our products are designed and manufactured with the highest quality, offering platforms that meet the requirements beyond those of commercial off the shelf Industrial Networking Equipment. 10

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information