Endian 4i (OT-Umgebungen)
Die Endian 4i Edge-Serie bietet eine beispiellose Hardware-Performance und umfangreiche Funktionen für die industrielle Internetsicherheit sowie den industriellen VPN-Router-Markt.
Endian Switchboard
Das Endian Switchboard ist das Herzstück der Endian Secure Digital Platform. Als zentrales Steuerungselement ermöglicht es einen sicheren Fernzugriff auf die Geräte vor Ort, Datenerfassung und- Visualisierung, Edge Computing und ein leistungsstarkes Management von Benutzer- und Geräteberechtigungen. Das Switchboard ist ein On-Premise Lösung und somit überall einsetzbar. Gleichzeitig bietet das Switchboard integrierte Sicherheitsfunktionen über die gesamte Plattform hinweg.
Centralized Management
| Support for |
| On-Premise: Run the Switchboard on an Endian virtual or hardware appliance in your own infrastructure |
| Cloud Hosted (by Endian): Switchboard server is provided by Endian and connect your own users, devices and endpoints |
| On-Premise |
Multi-tenancy option with support for sub-organizations |
Each organization can have its own branding which includes management portal, Connect Web and Connect App |
Full control over OpenVPN server, modes and options |
OpenVPN fallback support through multi-server configuration |
Virtual IP support for simultaneous connections to endpoints with the same IP address |
Virtual IP pool(s) configurable globally or per organization |
Support for multiple authentication backends (Local, LDAP, Active Directory, and RADIUS) |
Integrated support for one-time passwords through TOTP (Time-based One-Time Password) |
Support for VPN connection health check (interval and timeout) |
| Cloud-Hosted |
OpenVPN fallback support available (TCP 443 & UDP 1194) |
Virtual IP support for simultaneous connections to endpoints with the same IP address |
Integrated support for one-time passwords through TOTP (Time-based One-Time Password) |
Hosted in Amazon Web Service (AWS) for performance and reliability |
Remote Access
Secure connections through SSL VPN (OpenVPN) |
Connect with a single click to endpoints, gateways or entire remote networks |
View connection status for all devices (online/offline) |
View which user(s) are connected to an endpoint/gateway |
Expand/collapse view of endpoints for custom views (or apply to all) |
Use either Connect App or Web to connect:
|
Connect App
Native client available for Windows and Mac OS X |
Run any locally installed application by providing path to executable/binary and variable parameters to include |
App views restricted based on user permissions |
Option to start automatically on computer start-up |
Automatic reconnection on failure |
Support for connection through HTTP proxy (Basic/NTLM auth) |
Connection profile management for both Switchboard and OpenVPN connections |
Integrated log viewer with ability to export to file/clipboard |
Connect Web
Web-based client (requires HTML5 browser only) |
Supported on virtually any platform including Windows, Mac OS X, Linux, iOS, Android and more |
Integrated applications (RDP, VNC, SSH, Telnet, HTTP, HTTPS) run inside the browser and require nothing to be installed on client |
Manage users, devices, applications and organizations from within the client |
App views restricted based on user permissions |
Remote Data Collection*
Data Collection |
Collect unlimited SCADA data points using supported protocols including Modbus (TCP/RTU), OPCUA, Siemens S7 and MQTT |
Secure VPN connection between Switchboard and remote Endian devices ensures all data is transmitted securely over encrypted channel |
Data can be collected over Ethernet or direct Serial connection. Supported serial protocols include RS-232, RS-422, RS-485 |
Data will be buffered on the remote Endian gateway in the event of connectivity loss |
*Requires Endian 4i gateway
User & Group Management
Support for individual users and/or user groups |
User can be member or administrator of unlimited user groups |
User can connect to single device or all devices in device group |
Integrated password management allows users to set (initial) and reset password on their own |
| Endian Network account data for gateway registration (provisioning) |
Permissions |
Superuser (Admin) |
Access to sub-organizations |
User group management |
Device group management |
Application management |
Organization management |
Analytics management |
Analytics view (only) access |
API access |
Direct access to application(s) |
Network routes to Switchboard |
Device & Group Management
| Support for |
Gateways: Network devices connecting via VPN (OpenVPN required) and/or |
Endpoints: Any IP-enabled devices that can be (a) connected to a gateway or (b) directly connected to Switchboard via Connect Agent |
| Gateways |
Automatic account creation for each gateway created |
User and user group permissions management (connect/manage) |
Advanced custom action policies (ACAP) to provide granular control over permissions between users, endpoints and applications |
Gateway can be a part of unlimited number of device groups |
Assign to specific organization or sub-organization |
Manual device (gateway) creation or create via provisioning |
Assign endpoints which are connected to gateway |
Port forwarding to support redirecting field equipment communications to central site |
Exportable logs in CSV format |
| Endpoints |
Support single or millions of endpoints per gateway |
Support for using virtual or real IP addresses |
Support for endpoints without default gateway (SNAT) |
Assign application profile (group) per endpoint |
Exportable logs in CSV format |
Application & Group Management
Support for defining access to any application |
For each application definition specify integrated vs external |
Integrated applications (RDP, VNC, SSH, Telnet, HTTP, HTTPS) |
Support for advanced options of integrated applications |
Custom applications for both Windows & Mac |
Support for any TCP, UDP, TCP+UDP application |
Support for profiles which are groups of applications |
Profiles can be assigned individually to each endpoint |
Organization Management
Support for parent and sub-organizations |
Each organization has its own set of users, gateways, endpoints, applications and settings |
Each organization can have its own branding which includes management portal, Connect Web and Connect App |
Define exclusive access option on gateway or endpoint level (or leave disabled) per organization |
Define max number of users per organization |
Define max number of gateways per organization |
Enable API access per organization |
Define Endian Network registration per organization |
Choose to add default application/profiles per organization |
API Management
Secure API using HTTPS and authentication |
Additional API token required for all requests |
Can be enabled globally or per-organization |
Superuser API for full read/write access |
User API for restricted access |
Activate or deactivate user/gateway connections |
Activate or deactivate user/endpoint connections |
Central Gateway Orchestration
Endian Management Center |
Create master ("golden") profiles to capture key gateway configurations: |
|
|
|
|
Assign profiles to any connected gateways |
Gateways will automatically apply profiles configuration |
Changes to profiles are synced to assigned gateways automatically |
Local gateway changes will override central profile configuration |
Central Gateway Deployment
Support for |
Plug & Connect: To remote deploy gateways over the Internet |
USB Stick: To remote deploy using USB stick in the gateway |
| Plug & Connect |
Allows any Internet-connected remote gateway or endpoint to automatically create secure connection to the Switchboard |
Supports automatic Endian Network registration |
Define remote Endian appliance passwords |
Define remote Endian WAN, LAN and DMZ networks |
Define port forwarding and Source NAT rules |
Define custom OpenVPN server IP, port and protocol |
Define OpenVPN tunnel over HTTP proxy |
Supported by Endian hardware, software or virtual appliances |
Supported by Endian Connect Agent |
| USB Stick |
Allows any Endian hardware appliance to receive basic networking info and automatically create secure connection to the Switchboard |
Supports automatic Endian Network registration |
Define remote Endian appliance passwords |
Define remote Endian WAN, LAN and DMZ networks |
Define port forwarding and Source NAT rules |
Define custom OpenVPN server IP, port and protocol |
Define OpenVPN tunnel over HTTP proxy |
User Messaging
Create different message types to effectively communicate information to users
|
Messages can be color-coded to provide different levels of importance |
Messages can be customized with text editor and include links to external content |
Messages can be set to display during a scheduled day/time window |
Message can be unique to an organization or displayed to all sub-organizations |
EndianOS - Betriebssystem für die sichere Digitalisierung
Alle Produkte von Endian basieren auf dem EndianOS. Dabei handelt es sich um ein leistungsstarkes Betriebssystem (Operating System, kurz: OS), das darauf ausgerichtet ist, die Herausforderungen der Digitalisierung und des Zusammenwachsens von IT- und OT-Umgebungen zu meistern.
Weiterlesen
Endian UTM (IT-Umgebungen)
Eine komplette Palette speziell entwickelter Appliances mit unserer UTM-Software, passend für jedes Sicherheitsbedürfnis - von Geschäftsniederlassungen und Industrieanlagen bis hin zu großen Netzwerken.