S7-Firewall







Securing the production-/automation-network from the company-network
OEM - Version (all accessories optional)
General- Scalable "PLC-Firewall" S7-300/400 far beyond IP/MAC-address-filtering
- Automatic detection of the installation direction
- Protection against viruses such as S7-PLC-virus Stuxnet
- Step7-protocol filtering definable by Step7-syntax (S7-Firewall rule),
complete or individual process-data-sectors can be protected, even down to the individual bits of the control.
more...
General
- Scalable "PLC-Firewall" S7-300/400 far beyond IP/MAC-address-filtering
- Automatic detection of the installation direction
- Protection against viruses such as S7-PLC-virus Stuxnet
- Step7-protocol filtering definable by Step7-syntax (S7-Firewall rule),
complete or individual process-data-sectors can be protected, even down to the individual bits of the control. - User-access-management for PLC- and operating-/programming-level in the machine-network,
further PLCs on request. - Access-management depends on IP/MAC-address of the immigrants
- Clear separation of read- and write-accesses
- Safe remote-maintenance-access
- Isolated maintenance area
- Alarm and event log
- optional: key switch
- Quick and easy configuration via integrated web-browser
- NAT
- DHCP client/server
- NTP-client
- Portforwarding
- integrated firewall
- Multiple IP addresses
Each WAN/LAN-port can each receive up to 3 different IP-addresses, so that immediately IP-networks with different network segments and addresses can be controlled remotely (eg 192.168.0.x and 10.xxx and 172.16.xx). - Routing of individual IP-addresses between WAN/LAN-port configurable
What is the S7-firewall

S7-firewall is a scalable "PLC-Firewall", which not only filters IP/MAC-addresses. Free-defined connections can be restricted/set to any data areas of the PLC. The S7-Firewall can be installed anywhere between PLC and operator/programmer-level. The S7-firewall detects the direction of installation automatically. It will be only configured connections authorized.
How does the S7-Firewall work

The PLC-firewall-connections results of the combination of HMI/PG-station and PLC-station
S7-Firewall-settings



The connections are formed from the combination of HMI/PG-station and PLC-station. Each HMI/PLC-station can be used repeatedly. Upon change from Mac- or IP-address this need only be changed centrally in the HMI/PG-station and PLC-station. Each connection is sorted to a connection rule.
The rule-script

In the rule-scripts would the data areas or possible access for the specified connection settled. The script can be accessed via the link of the connection.
Learn-mode

With the learn-mode you can define easy and fast new rules for the S7-Firewall.
Up to 3 IP-addresses per port

The WAN/LAN-port has shared IP-addresses, it can up to 3 different IP-addresses and subnets configured.

S7-firewall is a scalable "PLC-Firewall", which not only filters IP/MAC-addresses. Free-defined connections can be restricted/set to any data areas of the PLC. The S7-Firewall can be installed anywhere between PLC and operator/programmer-level. The S7-firewall detects the direction of installation automatically. It will be only configured connections authorized.
How does the S7-Firewall work

The PLC-firewall-connections results of the combination of HMI/PG-station and PLC-station
S7-Firewall-settings



The connections are formed from the combination of HMI/PG-station and PLC-station. Each HMI/PLC-station can be used repeatedly. Upon change from Mac- or IP-address this need only be changed centrally in the HMI/PG-station and PLC-station. Each connection is sorted to a connection rule.
The rule-script

In the rule-scripts would the data areas or possible access for the specified connection settled. The script can be accessed via the link of the connection.
Learn-mode

With the learn-mode you can define easy and fast new rules for the S7-Firewall.
Up to 3 IP-addresses per port

The WAN/LAN-port has shared IP-addresses, it can up to 3 different IP-addresses and subnets configured.