• No results found

Secure VPN access at any time. Industrial Firewalls with mobile networks

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Secure VPN access at any time. Industrial Firewalls with mobile networks"

Copied!
26
0
0

Loading.... (view fulltext now)

Download now ( 26 Page )

Full text

(1)

Secure VPN access at any time

(2)

THE GOAL

(3)

Our goal is, that you

• Learn what challenges need to be mastered to get 24x7

remote access

• Understand what a Industrial Firewall is and what for

• Get all information to build a complete system

(4)

THE MOTIVATION

(5)

In the past Telemetrie

Telemetry

is a technology which makes remote sensing and

remote transmission of data possible. The word is derived

from Greek

tele

= remote, and

metron

of = measure.

Typical Applications

• Energy distribution

• Remote monitoring

• Process industry

(6)

was done with Modems.

• Typical transmission paths

– HF: Analogue Radio

– Cable: RS-232/422/485

– Phone or leased line

– GSM Network

• Characteristics

– Low data throughput

– Small update frequency

– Focus on data collection

– Very limited remote actions

– Specialized protocols

– Communication not separated from application

– Connection is initiated by the device in the field

(7)

Telecommand and Condition Monitoring

Tele command

Remote action

Condition Monitoring

Monitoring and Predictive Maintenance

Typical application:

• Building control, HVAC

• Wind turbines

• Locomotives

(8)

need a bi-directional 24x7 connection.

The communication can be initiated by the field devices and the

control center.

Typical customer environments:

• Scenario 1: Ethernet LAN/WAN

• Scenario 2: Local WIFI

• Scenario 3: No local network

Challenge

• The factory networks are now controlled by the company's IT

– Company policies must be adhered to

– Access Security / Security is a crucial issue

– Restricted access and low flexibility

(9)

THE CHALLENGES

(10)

System

Typical network in a manufacturing cell

Factory LAN - Ethernet / IP

Internet

(11)

System

could influence other systems

Factory LAN - Ethernet / IP

Internet

(12)

System

and can’t be accessed remotely.

Factory LAN - Ethernet / IP

Internet

(13)

THE SOLUTION

(14)

System

Industrial Firewalls separate systems

Factory LAN - Ethernet / IP

Internet

Device 1

Device 2

Own network behind the Firewall

Always same IP addresses

Controls access:

Factory lan -> System

System -> factory lan

(15)

System

and provides safe remote access.

Factory LAN - Ethernet / IP

Internet

Device 1

Device 2

VPN

Server

(16)

THE IMPLEMENTATION

(17)

System

For one systems

Factory LAN - Ethernet / IP

Internet

Device 1

Device 2

VPN

Server

Simple configuration

(18)

or a small number the NB1600 is sufficient

Internet

System

Factory LAN - Ethernet / IP

Device 1

Gerät 2

VPN

Server

Up to 10(25) tunnels

Network mapping, NAT or routed

Redundancy option

System

Factory LAN - Ethernet / IP

Device

1

Device

2

Service

System

Factory LAN - Ethernet / IP

(19)
(20)

For large installations

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1 Ger ät 2

VPN

Server

(21)

a cloud based appliance is preferred

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1

Ger ät 2

Anlage

Fabrik LAN - Ethernet / IP

Ger ät 1 Ger ät 2

VPN

Server

Owned or rented server

No or nominal fee

Easy installation by Image

Typically 25-250 clients

Routing, NAT and 1:1 NAT support

Full control and no dependence on

portal operators

(22)
(23)

and easy to operate.

Turgi

OpenVPN

Yes

AK2331

Bern

OpenVPN

Yes

AK2312

Töss

Mobile IP

Yes

KFZ 3

Windisch

OpenVPN

No

Demo

Zürich

OpenVPN

Yes

Home

Chur

OpenVPN

Yes

AK2311

(24)

Independent of the remote device type.

Vehicles

Railway

1. LAN-LAN router

2. 3G/4G router

3. WiFi router

(25)

THE END

(26)

Contact

NetModule AG

Neuwiesenstrasse 37

CH-8400 Winterthur

Switzerland

NetModule GmbH

Frankfurter Strasse

92

D-65760 Eschborn

Ralf Fachet

Senior Director Sales &

Marketing

Mob: +49 176 62222444

Tel-CH: +41 52 20900 55

Tel-D: +49 6196 779979 5

Fax: +49 6196 779979 9

ralf.fachet@netmodule.com

References

Download now ( PDF - 26 Page - 2.23 MB )

Related documents

Goss\u27s Bacterial Wilt Development and \u3ci\u3eClavibacter michiganensis\u3c/i\u3e subsp. \u3ci\u3enebraskensis\u3c/i\u3e Interactions with Spray Adjuvants

Field studies on disease severity of Goss’s bacterial wilt and leaf blight of corn ( Zea mays L.) with spray adjuvants yielded different results between experiments.. A decrease

Combining Multiple Feature Selection Methods and Deep Learning for High-dimensional Data

Our results suggest that when the assumed model doesn’t include certain types of terms (e.g. non- linear or interactions between the predictors) then wrong predictors will be

Curcumin inhibits NF-kB and Wnt/β-catenin pathways in cervical cancer cells

We showed that curcumin inhibits invasion and proliferation of cervical cancer cells via impairment of NF-kB and Wnt/ β-catenin pathways, proposing further studies on the

We are also enclosing herewith a press release issued by the Company in respect of its Q2 FY21 / H1 FY21 unaudited financial RESults.

Ind ependen t Auditor of th e En tit y " , issued by the Institute of Chartered Accountants of India. This standard requires that we plan and perform the review to

Adjusted Estimates of Worker Flows and Job Openings in JOLTS

First, the aggregate employment growth implied by the flow of hires and separations in JOLTS consistently exceeds the growth observed in its national benchmark, the

Xie Peiqi - The Twelve Guiding Energy Sitting Meditations.pdf

After pressing the Y ong Quan point, the practitioner places both hands behind the back, the left hand holding the right, the back of the left hand (outside Lao Gong point) placed

Relationship between trade openness and economic growth of India: A time series analysis

We have tried to examine the relationship between trade openness and growth of India during the time period 1970-2010 using import penetration ratio, total trade as

Increase Productivity Through Knowledge Management

Knowledge management is a process that aims at creating, sharing and using knowledge to improve the activities and goals of the Organization, with knowledge of