The mGuard OPC Inspector counters this problem by using deep packet inspection for OPC Classic. work address translation) routing cannot be used. ![]() In addition, works, the mGuard OPC Inspector’s intelligent deep the communicated client and server IP addresses within packet inspection even allows the use of NAT procedures the OPC connection entail that conventional NAT (net- such as masquerading or 1:1 NAT – a world first. TCP port numbers, but instead negotiating new port numbers within the first open connection) means that intermediary firewalls can only be used with wide-open And for an individual segmentation of OPC-based net- gates, meaning they have virtually no effect. ![]() In stealth mode, the mGuard can be installed in the network with no changes necessary to the end devices. not using fixed mented in systems in which OPC Classic is used. PHOENIX CONTACT 3 FL mGuard application scenarios Protect your industrial networks The mGuard can be used to protect individual components or an entire production cell. With the mGuard OPC Inspector, this concept can now be imple- The basic concept of OPC Classic (i.e. tralized protection of these individual segments. This concept relies on the PLCs and process control systems, but also by corporate network segmentation of systems, along with the decen- databases and other business-oriented systems. This is remedied OPC Classic is supported by a wide range of industrial through the implementation of the “Defense in Depth” and business applications, such as HMI workstations, concept, based on ISA-99. Stuxnet has shown, for example, that attacks by means of compromised USB sticks are also possible from within the system itself. This connection tracking enables the highest level of security! Defense in Depth Attackers use various means to obtain access to production facilities. And certainly, granular firewall rules can be used to precisely define which clients can communicate with which servers via OPC. If no OPC packets are transmitted via these ports within a configurable timeout, they are closed again. The TCP ports negotiated within the first open connection are also reliably detected and opened for OPC packets. The mGuard utilizes the Phoenix Contact Secure Cloud, which offers operators and machine builders a highly secure, web-based method for instant remote services to any machine and production plant within a client's network. Various Process Control, it is now usually referred to as OPC options can be configured, such as whether only OPC packets may be transmitted via the OPC Classic Port 135. Phoenix Contact's mGuard is a cloud-based VPN router that offers built-in security to your industrial network. Originally developed as OLE for fore analyzing and modifying these as necessary. Protecting industrial networks The intelligent protection for OPC Classic Deep packet inspection for OPC Classic OPC is one of the most widely accepted standards to During the deep packet inspection process, the mGuard meet the demands of universal data access in the world literally looks deep into the transmitted data packets be- of industrial automation.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |