Cookies helfen uns bei der Bereitstellung unserer Dienste. Durch die Nutzung unserer Dienste erklären Sie sich damit einverstanden, dass wir Cookies setzen.
Cookies help us in providing our services. By using our services, you agree that we set cookies.

S7-Firewall Produktvideo anzeigen

Securing the production-/automation-network from the company-network

  • Scalable "PLC-Firewall"; far beyond IP/MAC-address-filtering
  • Automatic detection of the installation direction
  • Protection against viruses such as S7-PLC-virus Stuxnet
  • Step7-protocol filtering definable by Step7-syntax (S7-Firewall rule),
    complete or individual process-data-sectors can be protected, even down to the individual bits of the control.
  • User-access-management for PLC- and operating-/programming-level in the machine-network,
    further PLCs on request.
  • Access-management depends on IP/MAC-address of the immigrants
  • Clear separation of read- and write-accesses
  • Safe remote-maintenance-access
  • Isolated maintenance area
  • Alarm and event log
  • optional: key switch
  • Quick and easy configuration via integrated web-browser
  • NAT
  • DHCP client/server
  • NTP-client
  • Portforwarding
  • integrated firewall
  • Multiple IP addresses
    Each WAN/LAN-port can each receive up to 3 different IP-addresses, so that immediately IP-networks with different network segments and addresses can be controlled remotely (eg 192.168.0.x and and 172.16.xx).
  • Routing of individual IP-addresses between WAN/LAN-port configurable

What is the S7-firewall

S7-firewall is a scalable "PLC-Firewall", which not only filters IP/MAC-addresses. Free-defined connections can be restricted/set to any data areas of the PLC. The S7-Firewall can be installed anywhere between PLC and operator/programmer-level. The S7-firewall detects the direction of installation automatically. It will be only configured connections authorized.

How does the S7-Firewall work

The PLC-firewall-connections results of the combination of HMI/PG-station and PLC-station


The connections are formed from the combination of HMI/PG-station and PLC-station. Each HMI/PLC-station can be used repeatedly. Upon change from Mac- or IP-address this need only be changed centrally in the HMI/PG-station and PLC-station. Each connection is sorted to a connection rule.

The rule-script

In the rule-scripts would the data areas or possible access for the specified connection settled. The script can be accessed via the link of the connection.


With the learn-mode you can define easy and fast new rules for the S7-Firewall.

Up to 3 IP-addresses per port

The WAN/LAN-port has shared IP-addresses, it can up to 3 different IP-addresses and subnets configured.

Technical data

Supply voltage: 24V DC +/- 20%
Power consumption: 3,6 Watt
Display: Web-Browser
4 Status-LEDs
Handling/Configuration: Web-Browser
Taster for factory settings
1 x 10/100BaseTX RJ45-Ethernetjack for WAN-Port
4 x 10/100BaseTX RJ45-Ethernetjack switched
all Ethernetports are Auto MDI-X (auto negotiation)
Operating temperature: 0 - 55°C
Case: powder coated metal case
Dimensions: 154 x 92 x 28 mm
Scope of delivery:
Power connector 3pins big
Commercial data:
EAN number: 4260363241281
HS-code: 85389099
Weight: 0.5000 kg

technical data
docu / downloads


Protection againt virus attacks

You want to protect your system from viruses? No problem, with the S7-firewall you secure your system against virus attacks, like the virus "Stuxnet" and thus prevent destruction to your system and process data.
Protection for data-dump and modification

You want to protect your system against unauthorized access and changes? No problem, with the S7-firewall you secure your system against unauthorized access and thus prevent deduction or alteration of your system and process data.
Permit requests depending on the ip- and mac-address

You have in your facility machines from different manufacturers and no one does get access to the controls of the other? No problem, with the S7-firewall you can filter who can ever communicate with the control network and which user with which end users. This is done through the IP address and MAC address.
Protection of data areas in the PLC

You have in your facility machinery with complex program structures and want to prevent that the users do not change comprehensible content? No problem, with the S7-firewall you can assign specific data fields to each user or even generally protect certain data areas in the PLC.
Log messages via e-mail

You want to be informed of access violations and range errors in the communication with your controls? No problem, with the S7-firewall you can be informed about each of these attacks / injuries by email to determine each polluter.
applications technical data

technical data
docu / downloads

OEM - Version (all accessories optional)

applications technical data
9373-O-LEARNOption for S7-Firewall: Learnmode
Monitors the current traffic in the learn-mode,
creating the appropriate rules for equipment
requests and setpoints
9391-UHUniversal DIN-rail-holder with mounting
Including mounting of the relevant product

applications technical data
9372-24Power connector 3pins big
connector plug lockable by jack with screws
9391-UHUniversal DIN-rail-holder with mounting
Including mounting of the relevant product
9391.124V DC power-supply unit 625mA
Primary 110V - 240 VAC Euro+USA-plug
9636-CROSSCross-cable 3m Cat5+, shielded
RJ45 plug <=> RJ45 plug, twisted pinning
9636-TCPIPPatch-cable 3m, Cat5+, shielded
RJ45 plug <=> RJ45 plug, 1:1
9636-TCPIP.02MPatch-cable 0.25m, Cat5e, shielded
RJ45 plug <=> RJ45 plug, 1:1