Industrial Firewall
Industrial Firewall
The evolving and deepening integration of IT application and industrialization save industrial systems from being insular island of security, and the security threats faced by those systems are continually increasing. Traditional security devices, however, fail to recognize industrial protocols, thus providing limited protection for industrial systems. To address security issues in the industrial control systems, DPtech, upon in-depth research and development, launched the DPtech IFW1000 Series Industrial Firewall. In addition to packet filtering and status detection available in traditional security devices, it is capable of accurately detecting industrial protocols, such as OPC, Modbus, IEC104, IEC61850/MMS and others. Through deep analysis and filtering in terms of command, command address, and value range, professional security protection for industrial systems such as SCA, DADCS, PCS and PLC can be achieved.
MorePresets with nearly 100 protocols, including Modbus, OPC, IEC104, DNP3, EN IP, IEC61850, BACnet, and FINS, the DPtech IFW1000 Series supports custom extensions of industrial protocols to meet the requirements of various industrial scenarios.
DPtech IFW1000 Series supports deep analysis and filtering of various industrial protocols, enabling command-level control on industrial protocols.
Capable of self-learning of industrial protocol traffic, the DPtech IFW1000 Series supports intelligent generation of white list policies and allows users to check deployment policies with a single click, to enable easy deployment and configuration.
DPtech IFW1000 Series provides all-pass, testing, and protection modes to ensure successful adoption and minimize any possible impact brought by launching an Industrial Firewall on business.
With fully supporting IPv6 , the DPtech IFW1000 Series provides dual stack protection, fully adapting to the next generation network environment.
Product Functions | Function Descriptions |
---|---|
Flexible Deployment | Support transparent mode and gateway mode |
Full support of industrial protocols | Support nearly 100 industrial protocols, including Modbus, OPC, IEC104, and IEC61850/MMS, and customized scalability is enabled |
Deep Inspection of Industrial Protocols | Upon inspection of protocol formats, abnormal requests from violating protocols can be blocked. Based on preset security rules, check and match the content of industrial protocols to realize granular control on commands and parameters. |
Network Layer Control | IPv4 and IPv6 packet filtering: access control based on source destination domain, source destination address, service, user, time, etc. NAT: Support source NAT, destination NAT, one-to-one NAT and NAT address pool Status detection: Status detection is enabled based on TCP and ICMP |
Attack Protection | Support basic attack protection, MAC/IP binding, ARP attack protection, web scanning management and other protections |
Log Management | Support multiple logs concerning industrial protocols, including security logs, system logs, operation logs, etc. |
Built-in VPN | In integration with professional VPN functions, professional tunnel encryption protection for data transmitted in industrial control networks is enabled through encryption, authentication and tunneling, thus avoiding leakage of important data and safeguarding the integrity and confidentiality of data transmission. |
These specifications apply only to DPtech products available on the international market.
Product Functions | Function Descriptions |
---|---|
Flexible Deployment | Support transparent mode and gateway mode |
Full support of industrial protocols | Support nearly 100 industrial protocols, including Modbus, OPC, IEC104, and IEC61850/MMS, and customized scalability is enabled |
Deep Inspection of Industrial Protocols | Upon inspection of protocol formats, abnormal requests from violating protocols can be blocked. Based on preset security rules, check and match the content of industrial protocols to realize granular control on commands and parameters. |
Network Layer Control | IPv4 and IPv6 packet filtering: access control based on source destination domain, source destination address, service, user, time, etc. NAT: Support source NAT, destination NAT, one-to-one NAT and NAT address pool Status detection: Status detection is enabled based on TCP and ICMP |
Attack Protection | Support basic attack protection, MAC/IP binding, ARP attack protection, web scanning management and other protections |
Log Management | Support multiple logs concerning industrial protocols, including security logs, system logs, operation logs, etc. |
Built-in VPN | In integration with professional VPN functions, professional tunnel encryption protection for data transmitted in industrial control networks is enabled through encryption, authentication and tunneling, thus avoiding leakage of important data and safeguarding the integrity and confidentiality of data transmission. |
These specifications apply only to DPtech products available on the international market.