Industrial-Secure-Routers-EDR-G902-Series-Moxa-vietnam.jpg

Industrial Secure Routers EDR-G902 Series Moxa vietnam


Features and Benefits Moxa industrial firewalls

  • Firewall/NAT/VPN/Router all-in-one
  • Secure remote access tunnel with VPN
  • Protect critical assets with stateful firewall
  • Inspect industrial protocol with PacketGuard technology
  • Easy network setup with address translation (NAT)
  • Dual WAN redundant interfaces through public networks
  • Support for VLANs in different interfaces
  • -40 to 75°C operating temperature range (T model)
  • ISA99 / IEC 62443 / NERC CIP compliance

Introduction

The EDR-G902 series is a high-performance, industrial VPN server with a firewall/NAT all-in-one secure router. It is designed for Ethernet-based security applications in sensitive remote control or monitoring networks, and it provides an Electronic Security Perimeter for the protection of critical cyber assets such as pumping stations, DCS, PLC systems on oil rigs, and water treatment systems. The EDR-G902 series includes the following cybersecurity features:

  • Virtual Private Network (VPN): VPNs are designed to provide users with secure communication links when accessing a private network from the public Internet. They use IPSec (IP Security) server or client mode for encryption and authentication of all IP packets at the network layer to ensure confidentiality and sender authentication.
  • Firewall: Controls network traffic between different trust zones. Network Address Translation (NAT), which shields the internal LAN from unauthorized activity from outside hosts, is included.

The EDR-G902’s Quick Automation Profile function supports most common fieldbus protocols, including EtherCAT, EtherNet/IP, FOUNDATION Fieldbus, Modbus/TCP, and PROFINET. Users can easily create a secure Ethernet Fieldbus network from a user-friendly web UI with a single click. In addition, Moxa’s PacketGuard technology (Deep Packet Inspection) helps to filter Modbus TCP commands at OSI layer 7. The wide temperature range models that are available operate reliably in hazardous, -40 to 75°C environments.

Whitepaper

The right industrial firewall can strengthen the safety and reliability of control systems

    

In this paper, we present important considerations for implementing network security and network security risk management. We also include information on how to develop mitigation strategies for specific problems and provide directions on how to choose the right industrial firewall to ensure safety and reliability for industrial networks........more

Firewall

---------------------------------------------------------------------------------------------------------------------------------------------------------

White Paper

Protecting Industrial Control Systems with Gigabit Cybersecurity

 

An Industrial Control System (ICS) needs the type of network security that takes into consideration its central role in industrial applications. Problems that arise in ICS operations can result in losses on many different levels, including costs incurred from equipment damage, and even loss of life. Although ICS networks may use some of the same technology and devices as enterprise IT systems, from a hands-on practical point of view, ICS network security differs in three aspects: protecting devices, content for filtering, and operating environment...........more

Gigabit

---------------------------------------------------------------------------------------------------------------------------------------------------------

FAQ

Is Your Network Infrastructure Ready for the IIoT?

    

The Industrial Internet of Things (IIoT) trend aims to improve efficiency and productivity by connecting different devices together as well as collecting and analyzing large volumes of data to offer accurate information. However, before reaping the benefits of the IIoT, users need to ensure that the correct infrastructure is in place. To make sure your network is ready for the IIoT, check out five of the most frequently mentioned questions........more

FAQ_cover

Technology
Standards IEEE 802.3 for 10BaseT
IEEE 802.3u for 100BaseT(X) and 100BaseFX
IEEE 802.3ab for 1000BaseT(X)
IEEE 802.3z for 1000BaseX
Protocols SNMPv1/v2c/v3, DHCP Server/Client, TFTP, NTP/SNTP server and client, HTTP, HTTPS, Telnet, SSH, Syslog, SMTP, LLDP, PPPoE, PPTP, Dynamic DNS, traffic prioritization
Routing Static routing, RIP V1/V2, OSPFThroughput:
• Max. 25000 packets per second (or 300 Mbps)
Routing Redundancy VRRP
VLAN 5 VLANs per interfaces (VLAN ID: 1 to 4094)
Flow Control IEEE 802.3x flow control, back pressure flow control
Security Functions
Firewall Features:
• Stateful inspection
• Router firewall and transparent (bridge) firewall
• Filter: IP and MAC address, ports, ICMP, Ethernet protocols
• Deep Packet Inspection: Modbus TCP/UDP
• Quick Automation Profiles: EtherCAT, EtherNet/IP, FOUNDAT
DoS and DDoS Protection Null Scan, Xmas Scan, NMAP-Xmas Scan, SYN/FIN Scan, FIN Scan, NMAP-ID Scan, SYN/RST Scan, NEW-Without-SYN Scan, ICMP-Death, SYN-Flood, ARP-Flood
NAT N-to-1, 1-to-1, bidirectional 1-to-1, and port forwarding
IPSec VPN Protocols:
• IPSec
• L2TP (server)
• PPTP (client)
Encryption:
• DES, 3DES, AES-128, AES-192, AES-256
Authentication:
• RSA (key size: 1024-bit, 2048-bit)
• X.509 v3 certificate
• MD5 and SHA (SHA-256)
Throughput:
• Max. 60 Mbps (Condition: AES-246, SHA-256)
OpenVPN Protocols:
• OpenVPN (client and server), UDP and TCP
• Tunnel mode (routing) and TAP mode (bridge)
Encryption:
• Blowfish CBC, DES CBC, DES-EDE3 CBC, AES-128/192/256 CBC
Authentication:
• User password by MD5 and SHA1
Concurrent VPN Tunnels:
• Server mode: max. 5 external clients
• Client mode: max. 2 external servers
Real-Time Firewall / VPN Event Log • Event Type: Firewall Event, VPN Event, System Security Event
• Media: Local storage, Syslog server, and SNMP trap
Interface
WAN/WAN1 1 RJ45/Fiber combo port
WAN2/DMZ 1 RJ45/Fiber combo port
LAN RJ45
RJ45 Ports 10/100/1000BaseT(X) auto negotiation speed
Fiber Ports 100/1000BaseSFP slot
LED Indicators PWR1, PWR2, FAULT, 10/100/1000M
Alarm Contact One relay output with current-carrying capacity of 1 A @ 24 VDC
Digital Inputs 1 input
• +13 to +30 V for state “1”
• -30 to +3 V for state “0”
• Max. input current: 8 mA
Power Requirements
Input Voltage 12/24/48 VDC, redundant dual inputs
Input Current 0.45 A @ 24 V
Overload Current Protection Present
Connection Removable terminal block
Reverse Polarity Protection Present
Physical Characteristics
Housing Metal, IP 30 protection
Dimensions 51 x 152 x 131.1 mm (2.01 x 5.98 x 5.16 in)
Weight 1250 g (2.82 lb)
Installation DIN-rail mounting, wall mounting (with optional kit)
Environmental Limits
Operating Temperature Standard Models: 0 to 60°C (32 to 140°F)
Wide Temp. Models: -40 to 75°C (-40 to 167°F)
Storage Temperature -40 to 85°C (-40 to 185°F)
Ambient Relative Humidity 5 to 95 % (non-condensing)
Standards and Certifications
Safety UL 508
EMC EN 55032/24
EMI CISPR 32, FCC Part 15B Class A
EMS IEC 61000-4-2 ESD: Contact: 6 kV; Air: 8 kV
IEC 61000-4-3 RS: 80 MHz to 1 GHz: 10 V/m
IEC 61000-4-4 EFT: Power: 4 kV; Signal: 4 kV
IEC 61000-4-5 Surge: Power: 2 kV; Signal: 1 kV
IEC 61000-4-6 CS: Signal: 10 V
IEC 61000-4-8
Marine DNV (EDR-G902)
Shock IEC 60068-2-27
Freefall IEC 60068-2-32
Vibration IEC 60068-2-6
MTBF (mean time between failures)
Time 530,000 hrs
Standard Telcordia (Bellcore), GB
Warranty
Warranty Period 5 years
Details www.anhnghison.com