Topic:
Islandization with small firewalls
IT security for machines, devices and systems
Whether it’s a machine tool, X-ray machine or lift controller: many of these devices are network capable but based on antiquated and/or non-patchable operating systems. This makes them an easy target, representing a risk not only in themselves but also for other network devices. Micro firewalls isolate and segment these systems. They control, monitor and log communication using IP- and port-based rules to close many security gaps. Remote access, such as when service is needed, is optionally available via a VPN, which the user enables as required.
Tutorials
- Isolating a CNC milling machine in the network
  - Closing security gaps using new network segments
  - Detailed application example
- Important firewall rules
  - Standard firewall rules for assisting in the configuration of typical application cases
- Access a Web-IO from a smartphone using a VPN tunnel
  - Connecting a smartphone with a Web-IO
  - Protected connection through a WireGuard VPN connection
- WireGuard VPN tunnel between 2 networks
  - Connection between two PCs in different network segments
  - Step-by-step manual for configuration
More on the topic
- Firewalls, segmentation and islandization
  - Monitor firewalls, control and log communication between subnets
  - Packet filters block malware
- Find security gaps in the network with nmap
  - Identify open ports to eliminate possible weak points
  - Analysis of terminal devices, operating systems etc.
- VPN scenarios
  - Host-to-Island
  - Island-to-Host
  - Island-to-Island