Microwall Bridge, průmyslový Firewall and Ethernet Bridge
Microwall Bridge, průmyslový Firewall and Ethernet Bridge
The industrial network bridge will separate Ethernet devices in the same network range and the traffic between them will work according to the firewall rules. Data traffic can be unidirectional or bidirectional and communication is only between defined IP addresses, protocols and ports. More
Manufacturer: W&T Code: 55411
The industrial network bridge will separate Ethernet devices in the same network range and the traffic between them will work according to the firewall rules. Data traffic can be unidirectional or bidirectional and communication is only between defined IP addresses, protocols and ports. More
Manufacturer: W&T Code: 55411
A Microwall Bridge is a network element that is inserted into an Ethernet network to separate (isolate) devices on the network or to restrict Ethernet communication to those devices. It is used, for example, to separate older computers on a network that might be a security threat on the network because they still have an older and poorly secured operating system. Another reason may be the need to define and clearly configure Ethernet communication to PLC systems, e.g. enabling the port only for OPC UA communication, for reading data into the production system, etc.
The Microwall Bridge is placed in the network to separate devices in the same network range. If two different networks need to be connected (i.e. different IP address ranges), a Microwall VPN device must be used.
Whitelist
The Microwall Bridge works on the whitelist principle, i.e. after placing it in the network it isolates all communication from port 1 to port 2. The principle of whitelisting is that everything is initially forbidden and we allow what we need. The devices that are to be isolated from the rest of the network are connected to port 2. Using rules, we gradually enable the necessary communication. Within the rules we define the IP address, ports, type of communication (TCP/UDP/FTP) and the direction in which they should communicate.
Example of using the Microwall Bridge
We have a production machine with PLC S7-1500 control system. This PLC runs a web interface and an OPC UA server to read data from the PLC. We only want to read data from the company network via OPC UA, the rest of the communication is undesirable for security reasons.
Rule Settings
By adding rules, we gradually enable the necessary communication on port 2. In our case it is sufficient to enable TCP port 4840.
All set communication rules can be seen in the Firewall rules overview
Properties:
Interfaces:
- 2x Ethernet 100/1000BaseT
- Autosensing and Auto-MDIX
- High data throughput
- Gigabit Ethernet
- max. 900MBit/s
- Low latency times thanks to powerful hardware platform
Connectivity:
- Implementation as bridge
- No intervention in the routing concept of the network
- No intervention in the IP configuration of the associated devices
- Consistent whitelist-based firewall concept
- Filter rules based on IPv4 addresses and TCP/UDP port numbers
- Logging
- Identification of undesired communication attempts
Management & Security:
- Secure firmware concept with Secure Boot
- No uploading of manipulated firmware or third-party firmware
- Configuration via HTTPS-Only Mode
- Supports individual certificates
- Fast startup using WuTility or DHCP
- Required password without default login
- Port management for all local services
- All service/management services can be configured/deactivated
- Network management systems
- Optional support for SNMPv2c/3 (read)
Supply Voltage
- External power
- Screw terminals, 24V-48V DC
- Power-over-Ethernet (PoE)
Standards & more
- Conforms to standards both in office and industrial environments:
- High noise resistance per EN 61000-6-2
- Low noise emission per EN 55032:2015 + A1 Cl. B, EN 61
Highlighted items are mandatory.
Accessories1
Power supply 24V 5A 120W
25,41 EUR incl. VAT