Communication : Firewalls
SoftPLC Corporation provides high performance VPN firewalls that protect ethernet to ethernet connections such as industrial network to business network, or industrial networks/devices connected to remote sites via the internet. Powerful security features block dangerous and/or unwanted communications from entering your network. We offer two categories of industrial network protection products:
- Embedded firmware adds firewall capability to any SoftPLC controller, RTU, or Gateway product
- Stand-alone hardware firewalls on industrial computers loaded with our Gatecraft Linux and Firewall package. (Smart and Hardbook models are available)
The firewall protection and configuration features are the same for both categories. In most cases, the hardware is the same as well. The difference is whether additional SoftPLC product functions are also included in the firmware or not.
-
Firewall Features
- Compatible with industrial ethernet protocols (Ethernet/IP, ModbusTCP, etc)
- Stateful inspection firewall security
- Multiple VPN tunnels with fast compression and encryption
- NAT / IP Masquerading
- SYN Denial of Service
- PPTP
- DHCP / BOOTP Server and BOOTP gateway / relay
- Port Forwarding, made simple
- Blacklisting
- Anti-spoofing
- License for unlimited, simultaneous users
- Pre-defined configuration templates reduce install time, provide secure defaults
- Configuration is done over Ethernet in human readable rules syntax
- Monitoring functions include realtime log and connection viewing with filtering options
- Logging new connections, bad packets, changes, traffic volume accounting
Hardware features vary by model, refer to specifications. If you need a hardware configuration not shown, contact us for custom or alternative offerings.
Setup and configuration of the firewall is via an included utility program, accessed through an Ethernet port or the serial console.
-
Smart Firewalls
Any Smart family product can include firewall capability by purchasing a firmware add-on (Cat No SPZ-FW). The Firewall can be configured to protect both Ethernet and PPP communications.
- A Smart SoftPLC with the Firewall option (Cat No SPZ-FW) can be a stand-alone industrial firewall and secure router, which we refer to as a Smart Netbox. It is a value-priced offering for a ruggedized VPN for remote access, for protecting an industrial network from the business network, or for other similar needs.
- A Smart SoftPLC or Smart Gateway with the Firewall option, provides built-in security, eliminating the need for a stand-alone firewall.
-
Hardbook Firewalls
Any Hardbook can be a firewall/router. All Hardbooks have at least 2 Ethernet interfaces. Some models can be equipped with additional interfaces or ports, of any type of port - 10/100 BaseT, Gigabaud, Fiber, etc. Let us know your network configuration and goals - we'll match those with our best fit solution for your application.
- A Gatecraft Shield is a stand-alone industrial firewall and secure router. It is a value-priced offering for a ruggedized VPN for remote access, for protecting an industrial network from the business network, or for other similar needs.
- A Hardbook SoftPLC, with the Firewall option (Cat No SPZ-FW), provides built-in security in a Programmable Automation Controller, eliminating the need for a separate firewall.
Applications
+ Example customer applications..-
Documentation
- Smart Netbox Data Sheet
- Smart Product Family Data Sheet Smart family of products features and functions, and generic hardware specifications.
- Firewall Configuration Manual