Industrial Network Security Systems - Belden
2y ago
22 Views
1 Downloads
1.51 MB
8 Pages
Report/dmca
Download PDF

Transcription

Industrial Network Security SystemsFirewall solutions uniquely designedand certified to protect your assetsin hardened industrial conditions.

Belden’s Industrial Network Security Systems are Designedto Protect Your Assets.No business or industry is safe from attack. Whether intentional or accidental, threats cancome at the hands of internal personnel or external hackers. Either way, an unprotectednetwork puts your enterprise at risk.Firewalls representan indispensable toolfor network security.While industrial-grade switches and routers provide many security features, you need industrialfirewalls to control communication between devices and secure communication across theentire network.EAGLE One Industrial Firewall/VPN Router System3Tofino Xenon Security Appliance4EAGLE20/30 Multiport Industrial Firewall System5You can depend on us to keep your critical infrastructure secured by Industrial NetworkSystems from Belden.2Page

EAGLE One Industrial Firewall/VPN SystemThe Gold Standard for Industrial FirewallsKey BenefitsLayer 2 and Layer 3 stateful inspection firewall. Helps you segment your network forpowerful defense-in-depth protection.Redundant backbone network connections for production cells. Easily connect tothe backbone via Network Address Translation (NAT) and Router Redundancy and engagethe innovative Firewall Learning Mode (FLM) for smooth start-up based on recognizednetwork traffic patterns.Safe and cost-effective protection of automation networks. S upports static IPv4 routing and Fast Ethernet (10/100 Mbits/s) ports, either fiberor copper Operates transparently to redundancy methods (RSTP and Hirschmann RedundantRing Coupling in Layer 2 mode) O ffers both router redundancy with stateful packet inspection and NAT failover inLayer 3 mode S upports multiple transmission and encryption standards, including PPPoE, PPP formodem dial-up, IKEv1/v2, IPsec and NAT Integrates easily into remote service concepts, enabling you to control VPN connectionsvia digital inputUser-friendly configuration and diagnostic options. Graphical User Interface works withother Hirschmann tools such as Industrial HiVision, HiView and HiDiscovery, making theEAGLE One the most desirable configuration and diagnostic industrial security appliancethe market has to offer.Built to withstand harsh industrial environments. Certified by Germanischer Lloyd foroffshore and renewable energy use and compliant with IEC 61850-3 for substations andATEX and ISA 12.12.01 HazLoc for potentially explosive operations.Target Applications Electrical substations Power transmission and distribution Renewable energy – offshore platforms, wind farms Transportation – road, rail, shipping Mechanical and plant engineering Oil & gas operations3

Tofino Xenon Security ApplianceAdvanced Firewall Designed Especially for Industrial Control NetworkProtectionKey BenefitsLayer 2 security appliance, not just a firewall. Prevents problems inside a network fromproliferating and spreading around the network and acts as a bridge so engineers don’thave to make major IP address and network changes as with other router security devices.Advanced filtering and firewalling with a technology called Deep Packet Inspection (DPI).Identifies and distinguishes different data types to determine what will be allowed to pass;available for the most common protocols, including EtherNet/IP, Modbus, OPC.Designed for minimal disruption. Two things accomplish this: Arrives in a passive mode. Undetectable to the network until your controls engineerconfigures it; can be added to a running network without shutdown Offers a Test Mode. Enables your engineer to test firewall rules without actually affectingthe networkBuilt to withstand harsh industrial environments. Certified by Germanischer Lloyd foroffshore and renewable energy use and compliant with IEC 61850-3 for substations and ATEXand ISA 12.12.01 HazLoc for potentially explosive operations.Target Applications Electrical substations Power transmission and distribution Renewable energy – offshore platforms, wind farms Oil & gas operations Mechanical and plant engineering Transportation – road, rail, shipping4

EAGLE20/30 Multiport Industrial Firewall SystemAdvanced Security Features and Built-in HiSecOS Software Eliminatethe Need for Multiple RoutersKey BenefitsMultiple ports offer high flexibility and cost saving. Comes with up to 8 ports, including2 x Gigabit, 4 x Fast Ethernet and 2 x SHDSL, to allow you to use a single device for multiplepurposes like firewalling with Fast Ethernet ports, filtering with Gigabit ports and WANcommunication using SHDSL ports.Ruggedized design for every Industrial application. Fanless design and extendedtemperature range approved for almost all industrial environments so you can put thisLayer 3 firewall anywhere near the control systems.External Interfaces for fault finding and recovery. Additional interfaces like USB, SD Card,V.24, Digital I/O, etc. allow faster fault finding and make it possible to revert to normal state byusing backward files and logs saved on the device through external interfaces.Defense in Depth at Layer 3 by combining Filtering and Deep Packet Inspection. UsesStateful Packet Inspection (SPI) and ACLs to protect your network from any unauthenticatedsource; uses Deep Packet Inspection to analyze each packet and allow only authenticated packets to pass through the network.NAT (Network Address Translation). EAGLE20/30 is used with NAT to define duplicateaddress range for similar production cells.Target Applications Automotive Machine building Process automation Transportation Water/wastewater Food and beverage General manufacturing Oil and gas operations Energy Custom interface environments– LAN, SHDSL, cellular LTE (4G)/3G5

Firewall Features at a GlanceTypeEAGLE OneTofino XenonEAGLE20/30PhysicalNumber of 100Mb/s Ports22Number of 1Gb/s Ports––2Serial Port333333334––3333339.6 to 60 V DC, 18 to 30 V AC9.6 to 60 V DC, 18 to 30 V AC18 to 60 V DC, 48 to 320 V DC, 88 to 265 V ACOperating Temperature0 C to 60 C, -40 C to 70 C0 C to 60 C, -40 C to 70 C0 C to 60 C, -40 C to 70 CDimensions (W x H x D)60 x 145 x 125 mm60 x 145 x 125 mm98 x 164 x 120 mmWeight660 g600 g1500 gProtection ClassIP20IP20IP3033333333333333333333Redundant Power SupplyRelay ContactDigital InputACA20 (USB)ACA30 (SD)Voltage–3CertificationscUL508Germanischer LloydEN 60950EN 61850-3IEEE 1613ISA-12.12.01 Class 1 Div 2NEMA TS 2––EN 50121-4333333FirewallStateful Packet Inspection FirewallLayer 3 Firewall–333 (ACLs only)3Firewall Rules Using IPand MAC Addresses in the Same Rule–33User Firewall Accounts3––Access Control Lists––333333Layer 2 FirewallConfigurable Default Policy (Accept/Drop/Reject)––Denial of Service PreventionFirewall Learning Mode333Deep Packet Inspection–3333333Rate LimitingPreconfigured Rules for Industrial Protocols–Preconfigured Rules for Industrial Devices–Asset-based Firewall Configuration––––Time33–3–––IP Masquerading333Double NAT––3333NTP Client/ServerSNTP Client/ServerNAT1:1 NATPort Forwarding––SecurityUser Management3–Password Policy––Limited Login Attempts––SNMP v1/2/3, HTTPS, SSH3–HTTPS Certificate Import via Web Interface––633333

TypeEAGLE OneTofino XenonEAGLE20/30Security (continued)RADIUS Authentication3–Encrypted Configuration File––Persistent Log Files333Login BannerEditable CLI Prompt––IP Access Restriction SSH/HTTPS/SNMP3–333333Operation without IP Address–––VLANs––Static MAC Addresses––Configurable Aging Timer––Prioritization––802.1D/p Mapping––33333–Secondary IP Interface 33PPPoE3–––SwitchRouterStatic RoutingPort Based RoutingVLAN Based Routing–––VPNIPSec it Trail––3333RedundancyLayer 2 RedundancyRouter RedundancyLoggingEvent LogManagementIndustrial HiVision3–Central Management Platform–3–Multiple Device Simultaneous Configuration–Multiple Stored Configuration Files333333333333Automatic Software Updates––Port Auto Power Down––Store Two Versions of Firmware3–3333333333333333333––SNMP TrapsLLDPPort StatisticsPort Configuration CheckConfiguable Device Status LevelsSelf TestsDevice Status AlarmHiDiscoveryManagement VLANUndo Modification of P ServerDHCP Relay AgentDNS ServerDynDNS–––3––7

www.beldensolutions.comGLOBAL LOCATIONSFor more information, please visit us at:www.beldensolutions.comUNITED vision Headquarters National BusinessCenter– AmericasDivision Headquarters Division Headquarters– EMEA– APAC2200 U.S. Highway 27 South 2280 Alfred-NobelRichmond, IN 47374Suite 200Saint-Laurent, QCPhone: 765-983-5200Inside Sales: 800-235-3361 Canada H4S 2A4Edisonstraat 95928 PG Venlo, 5900 AA,Postbus 9The NetherlandsFax: 765-983-5294info@belden.comwww.belden.comPhone: 514-822-2345Fax: 514-822-7979BeldenLATIN AMERICA and2200 U.S. Highway 27 South the CARIBBEANISLANDSRichmond, IN 47374aInside Sales:1-800-BELDEN-1(1-800-235-3361)Phone: 765-983-5200Fax: 765-983-5294info@belden.comIndustrial Networking(Hirschmann/GarrettCom/Tofino Security)255 Fourier Ave.Fremont, CA 94539, USAPhone: 510-438-9071Fax: nal Office6100 Hollywood BoulevardSuite 110Hollywood, Florida 33024Phone: 954-987-5044Fax: 954-987-8022salesla@belden.com7/F Harbour View 216 Science Park East AvenueHong Kong Science ParkShatin, Hong KongPhone: 31-773-878-555 Phone: 852-2955-0128Fax: 852-2907-6933Fax: 31-773-878-448venlo.salesinfo@belden.com gional OfficesManchesterInternational OfficeCentre, Suite 13Styal RoadManchester M22 5WBUnited KingdomPhone: 44-61-4983749Fax: nal OfficesUnit 301 No. 19 Building,1515 Gu Mei RoadCaohejing High-tech ParkShanghai 200233People’s Republic of ChinaPhone: 021-54452388Fax: 021-54452366/77hongkong.sales@belden.com101 27 International BusinessPark #05-01 iQuest @ IBPSingapore 609924Location Neckartenzlingen – Phone: 65-6879-9800Stuttgarter Straße 45-51Fax: 65-6251-501072654 hone: 49-(0)-712714-0Fax: 49-(0)-7127/14-1313inet-sales@belden.comBelden, Belden Sending All The Right Signals, GarrettCom, Hirschmann, Lumberg Automation, Tofino Security, Tripwire and the Belden logo aretrademarks or registered trademarks of Belden Inc. or its affiliated companies in the United States and other jurisdictions. Belden and other partiesmay also have trademark rights in other terms used herein. Copyright 2016, Belden Inc.INDUSTRIAL-NETWORK-SECURITY-SYSTEMS BR INIT MBB 0516 E EMEA

Belden’s Industrial Network Security Systems are Designed to Protect Your Assets. No business or industry is safe from attack. Whether intentional or accidental, threats can come at the hands of

Related Books

Industrial Security Network Security - Siemens

Industrial Security Network Security - Siemens

Belden Copper Catalog

Belden Copper Catalog

Cisco Network Security Network Security Dig 5.1 Network .

Cisco Network Security Network Security Dig 5.1 Network .

Volume 2 April Industrial Cybersecurity

Volume 2 April Industrial Cybersecurity

Industrial Security Protecting networks and facilities .

Industrial Security Protecting networks and facilities .

GFI LANguard Network Security Scanner

GFI LANguard Network Security Scanner

Network Security Zones - British Columbia

Network Security Zones - British Columbia

15. Design of plumbing systems for industrial and .

15. Design of plumbing systems for industrial and .

Managing Security with SAP Solution Manager

Managing Security with SAP Solution Manager

CompTIA Security Practice Tests

CompTIA Security Practice Tests

Operational Guidelines for Industrial Security

Operational Guidelines for Industrial Security

PopularTags

Recent Views