Endian banner

Preface

Endian 4i Edge Appliance is an appliance (desktop or rail-mounted) that provides secure access to SCADA equipment. This document is a reference manual that describes the GUI and all the configuration options of its functionalities.

The latest updates and corrections to this manual, referred to the latest release of the Endian 4i Edge Appliance, will be available online at http://docs.endian.com/3.0/4i/. If you think that you have found any errors, either simple typos or even content errors, feel free to provide us feedback using the form on Endian web site.

This reference manual is Copyright (c) 2011-2016 Endian S.p.A., Italy and corresponds to revision 5 of the online version.

Features and enhancements of the 3.0 release

The version 3.0, being a major release, has been a long path, which sees the introduction of several new features, plus many changes and improvements under the hood, among which the major rewrite of the VPN module stands out.

VPN

The VPN module has been rewritten and its structure improved, separating the authentication part from the tunnelling and encryption part. The new features introduced in the VPN module are:

  • Algorithms available for encryption: Blowfish 128/192/256-bit, Twofish 128/192/256-bit, Serpent 128/192/256-bit, Camellia 128/192/256-bit, CAST-128.

  • Hashing algorithm: SHA2 256/384/512-bit, AESXCBC.

  • Support for IKEv2.

  • Support for XAUTH.

  • Multiple OpenVPN servers can run concurrently, introducing load-balancing and providing scalability.

  • User management and authentication has been unified for OpenVPN, L2TP, and XAUTH, and completed by several new functionalities:

    • Support for multiple authentication server (local, LDAP, Active Directory).

    • Integrated certificate authority

    • Support for external certification authorities.

    • Support for groups of users.

    • Two-Factor Authentication (password and certificate management).

Logging

  • A brand new reporting dashboard to visualise events logged by the Endian 4i Edge Appliance has been developed from scratch.

  • More detailed graphical reports are therefore available for various categries of events: System, intrusion attempts, and connections.

  • Integration of ntopng into Endian 4i Edge Appliance provides live monitoring of network traffic and network flows.

Usability

  • Additional languages for the GUI have been introduced: Portuguese, Chinese, Russian, and Turkish.

  • The menubar and the left-hand side menus now remain visible also when browsing a long page to its bottom.

Firewall

  • Application firewall is now available, with the possibility to filter traffic generated by more than 170 application.

Endian web sites

For more information about Endian S.r.l.., Italy and its products, please visit Endian’s web site at http://www.endian.com.

Many resources (tutorials, how-tos, examples) in this manual are taken from those web sites:

  • http://help.endian.com. The new support center for the Endian products, that should become the reference site to support customers and users. Several links to howtos on this site are provided on this documentation at the end of the various subsections.

  • http://jira.endian.com. The site where to search for bugs or to open new ones. If a fix for a buggy packages exists, but the package has not yet been released, you might also find here some workaround to apply on your system.