Gateway di sicurezza IoT industriali

La serie 4i Edge si distingue per i livelli di performance e le funzionalità hardware senza precedenti nell’Industrial Internet Security e nel mercato dei
router industriali VPN.

Networking

Network zone isolation and policy support
Support for up to 32 internal network zones
Multiple WAN
Quality of service and bandwidth management
Advanced TCP window scaling
Support for untagged VLAN traffic
Bonding mode configuration (UI)
NTP (Network Time Protocol)
DHCP server
DHCP relay support
SNMP server
Dynamic DNS (DDNS)
NAT (Network Address Translation)
Static NAT
Dynamic NAT
PAT (Port Address Translation)
IP Masquerading
Full Cone NAT
IPsec NAT traversal
Routing
Static routes
Source-based routing
Destination-based routing
Policy-based routing
Bridging
Unlimited interfaces per bridge
Transparent bridge mode
OSI layer 2 firewall functionality
Spanning tree
Wireless
Multiple SSID supported (Max 4)
Bridge SSID to any internal network zone
Wireless security (WPA2 Personal / Enterprise)
Channel width selection
Hidden SSID support

Network Security

Intrusion Detection & Prevention
Deep packet inspection technology to detect or block advanced threats
IDS Mode offers high performance threat detection
IPS Mode offers powerful security to block threats in real-time
Create security policies using threat categories
Large signature database (over 20k signatures)
Support for uploading custom signatures
Application & DNS Security
Deep packet application inspection and identification
Block by application control (incl. Facebook, Twitter, Skype, WhatsApp...)
DNS proxy filters network traffic for malware 
DNS proxy and routing ensures DNS security
DNS-based phishing protection
Firewall
Geo-IP firewall filtering (block/allow traffic by country)
Time-based firewall rules (day of week / time of day)
Support for VoIP/SIP
DoS & SYN/ICMP flood protection

Virtual Private Networking

IPsec
VPN Site-to-Site: Pre-Shared Key and X.509 certificate
VPN Remote Access (Roadwarrior): L2TP, XAuth, or Raw IPsec
Remote access platform support: iPhone/iPad (iOS), Android, Mac OS X, Windows
Support for modern encryption algorithms
Support for modern hashing algorithms
Support for Diffie Hellman (DH) mode selection
Support for IKEv1, IKEv2
Dead Peer Detection (DPD)
NAT traversal
Perfect Forward Secrecy (PFS)
Compression
OpenVPN
VPN Site-to-Site: Pre-Shared Key, X.509 certificate or both
VPN Remote Access (Roadwarrior)
Endian SSL VPN client: Mac OS X, Windows
Support for mobile SSL VPN: iPhone/iPad (iOS), Android
Support for multiple SSL VPN server instances
Support for VPN over HTTP Proxy
Support for bridged or routed server configuration
Support for VPN failover
Push DNS, network routes and domain suffix information to clients
Control client-to-client communication
VPN Portal (Reverse Proxy)
Provision secure access to internal HTTP/HTTPS resources
Configurable portal page
Support for multiple destinations
Destination-based authentication
SSL offloading
User Management & Authentication
Authentication methods include: Local, RADIUS, LDAP, Active Directory
Unified user/group management for OpenVPN, L2TP, XAUTH, VPN Portal
Integrated support for one-time password (OTP)
Integrated certificate authority
External certificate authority support
User password and certificate management
Support for Let’s Encrypt certificates

Redundancy & Backup

High Availability
Support for clustering up to 3 devices together in active-passive mode
Easy web-based UI for quick HA setup (with feedback)
Node data/configuration synchronization (not for BYOD/Hotspot)
WAN Failover
Create failover policies between available WAN interfaces
Support for unlimited WAN interfaces (based on interface availability)
Automatic failback support
Backup & Recovery
Easily backup and restore appliance configurations
Support for storing backups on attached USB stick
Customizable options to determine backup contents
Create schedule backups: daily, weekly or monthly
Send scheduled backups via email

General Management

Event Management
Setup event notifications for device and user events
Support for email and SMS notifications
Create custom scripts to be triggered by event
Custom scripts powered by Python scripting engine
Device Management
Easy and secure web-based UI for managing appliance
Full command-line access via SSH or serial console
Web console provides serial console over secure web UI
One-click to enable secure remote appliance support
Centralized, secure access to any Endian appliance via Endian Network
Multi-language support: English, Italian, German, Japanese, Spanish, Portuguese, Chinese, Russian, Turkish
Software Management
Easy web UI for managing software updates
Schedule automatic software update checks and notifications
Centralized, secure software updates/upgrades via Endian Network

Logging and Reporting

Network Awareness
View real-time network activity and bandwidth
Discover top user activity, applications, bandwidth consumption and more 
Reporting
View reports for all major system features
Detailed system, web, email, attack, virus and user reports
Real-time log analysis with live log viewer
Detailed user-based web access report
Network, system and performance statistics
Logging
Web-based log viewer for system, services and VPN logging
Rule-based logging settings (firewall rules)
Support for local or remote syslog logging
OpenTSA trusted timestamping

Edge Computing

Docker Engine and CLI included
Enables hybrid/remote applications or micro-services
Requires much less hardware and software resources than full-machine virtualization
Reduce network latency and provide offline access to remote applications
Increased application portability and faster software development and delivery
endian-utm-hardware.png

Dispositivo hardware UTM Endian

Una gamma completa di dispositivi ideati appositamente per integrare il nostro software UTM per le esigenze di sicurezza di qualsiasi cosa, dalle filiali agli stabilimenti industriali, fino alle reti più grandi.

Leggi di più
endian-iot-security-gateways_1.png

4i Industrial IoT Security Gateways

La serie 4i Edge si distingue per i livelli di performance e le funzionalità hardware senza precedenti, per l’Industrial Internet Security e per il mercato di router industriali VPN.

Leggi di più