EDF-G1002-BP
Industrial firewall with 2 10/100/1000BaseT(X) ports, 1 Ethernet-based management port, Intrusion Prevention System (IPS), industrial deep packet inspection (DPI), Gen3 Bypass, centralized management through MXsecurity, -10 to 60°C operating temperature
The EDF-G1002-BP Series is an industrial-gradeLAN firewall with IPS and DPI functionality to protect mission-criticalassets and network zones
These industrial firewalls support software-configurableGen3 LAN bypass to achieve bump-in-the-wire installation and minimizethe installation impact for industrial applications such as ITS, pump-and-treatsystems in water stations, distributed control systems in oil andgas, and PLC/SCADA systems in factory automation
Dynamically PreventMalicious Cyber Threat Activity With IPS/IDS: The EDF-G1002-BPSeries is designed to protect mission-critical assets at the OT networkedge with advanced intrusion prevention and detection systems (IPS/IDS)
It analyzes network traffic in the background and enables behaviormonitoring and awareness of cyber activities
These firewall devicessupport both a 'Monitor' and 'Protect' mode to facilitate differentOT scenarios
'Monitor' mode gives administrators full visibilityof cyberthreat activities on the network
If a threat is detected,administrators can easily switch to 'Protect' mode to block and containany malicious operations
Industrial Deep Packet Inspection for Mission-critical Assets : The EDF-G1002-BP Series supports advanced Deep Packet Inspection(DPI) technology, providing awareness of industrial protocol dataand allowing for granular command of control system traffic to criticalcontrollers
Virtual Patchingand Intelligent Threat Protection: Frequent patchingboosts protection against cyberthreats
However, patching continuesto be a major challenge in OT environments because OT applicationscannot afford to interrupt operations by shutting down systems toapply patches
Virtual patching technology can help complement existingpatch management processes by shielding known and unknown vulnerabilities
Virtual patching acts as an agentless emergency security tool thatOT administrators and operators can use to quickly address vulnerabilitieson affected OT equipment
The EDF-G1002-BP Series provides advancedprotection against threats with up-to-date threat information andguards your systems against undisclosed and zero-day threats
Centralized Network Security and Policy Management: The EDF-G1002-BPSeries helps administrators and operators understand the real-timestatus of OT systems
When connected to Moxa MXsecurity centralizedsecurity management platform, administrators can manage and monitorall the intrusion prevention systems from a single space
MXsecurityprovides an efficient way to monitor security assets, and executepolicy, firmware, configuration, and pattern updates
- Bump-in-the-wire installation without impacting the network
- Gen3 LAN Bypass for system fault tolerance
- Industrial-grade Intrusion Prevention/Detection System (IPS/IDS)
- Examine industrial protocol data with Deep Packet Inspection (DPI) technology
- Supports secure boot for checking system integrity
- Check firewall policy misconfiguration with just one click
- Supports MXstudio for easy, visualized industrial network management
| Alarm Contact Channels | Resistive load: 1 A @ 24 VDC |
|---|---|
| Buttons | Reset button |
| Digital Input Channels | +13 to +30 V for state 1 -30 to +3 V for state 0 Max. input current: 8 mA |
| 10/100/1000BaseT(X) Ports (RJ45 connector) | 3 (2 x LAN ports, 1 x MGMT port) |
|---|---|
| Standards | IEEE 802.3 for 10BaseT IEEE 802.3u for 100BaseT(X) IEEE 802.3ab for 1000BaseT(X) IEEE 802.3x for flow control |
| LED Indicators | PWR1, PWR2, STATE, BYPASS, USB |
|---|
| Technology | ARP-Flood FIN Scan ICMP Flood TCP Sessions Without SYN NMAP-ID Scan NMAP-Xmas Scan Null Scan SYN/FIN Scan SYN/RST Scan SYN-Flood Xmas Scan |
|---|
| Throughput | Max. 45K packets per second/500 Mbps (based on RFC 2544) |
|---|---|
| Filter | DDoS Ethernet protocols ICMP IP address MAC address Ports |
| Intrusion Prevention System | Enabled by default. IPS pattern update functionality requires an additional license. |
| Deep Packet Inspection | Modbus TCP Modbus UDP DNP3 IEC 60870-5-104 IEC 61850 MMS EtherNet/IP Omron FINS Siemens S7 Comm. Additional protocols will be supported through future firmware updates. |
| Event Type | Firewall events Protocol DPI and IDS/IPS events |
|---|---|
| Media | Syslog server Local storage SNMP Trap |
| Console Port | RS-232 (TxD, RxD, GND), 3-pin (115200, n, 8, 1) |
|---|---|
| Connector | USB Type-C |
| Connection | Removable terminal block |
|---|---|
| Operating Voltage | 9.6 to 60 VDC |
| Input Voltage | 12/24/48 VDC Redundant dual inputs |
| Input Current | 0.69 A (max) |
| Reverse Polarity Protection | Supported |
| Housing | Metal |
|---|---|
| Dimensions | 35 x 125 x 100 mm (1,38 x 4.92 x 3.94 in) |
| Weight | 385 g (0.85 lb) |
| Installation | DIN-rail mounting Wall mounting |
| Operating Temperature | -10 to 60°C |
|---|---|
| Storage Temperature (package included) | -40 to 85°C (-40 to 185°F) |
| Ambient Relative Humidity | 5 to 95% (non-condensing) |
| Safety | IEC 62368-1 UL 62368-1 |
|---|---|
| EMC | EN 55032/35 |
| EMI | CISPR 32, FCC Part 15B Class A |
| EMS | IEC 61000-4-2 ESD: Contact: 6 kV; Air: 8 kV IEC 61000-4-3 RS: 80 MHz to 1 GHz: 20 V/m IEC 61000-4-4 EFT: Power: 2 kV; Signal: 2 kV IEC 61000-4-5 Surge: Power: 2 kV; Signal: 2 kV IEC 61000-4-6 CS: 10 V IEC 61000-4-8 PFMF |
| Railway | EN 50121-4 |
| Traffic Control | NEMA TS2 |
| Shock | IEC 60068-2-27 |
| Freefall | IEC 60068-2-32 |
| Vibration | IEC 60068-2-6 |
| Time | 2,929,641hrs |
|---|---|
| Standards | Telcordia (Bellcore), GB |
| Warranty Period | 5 years |
|---|