VPN Security Gateway IGW/100-92The IGW/100-92 enables the simple integration of any Ethernet based devices, subsystems and automation components or complete subnetworks into a VPN (Virtual Private Network). Thus allows the secure remote access via Internet. Moreover the IGW/100-92 offers with SSL, SSH, TCP proxy server and a firewall numerous integrated security functions, which protect a local automation Ethernet network from external access. Through the two LAN interfaces (optional three) the protected device or LAN is completely isolated for external access. ADNP/9200 as Embedded EngineThe heart of the IGW/100-92 is the Protection of Embedded Web ServersInto automation components embedded Web servers are nowadays the rule rather than the exception. As long as the only purpose for such a server is monitoring via Web browser, solely the confidentiality is difficult. But if an Embedded Web server is used for operation and configuration, there is a high security risk. At least it is possible to manipulate the automation components via Web browser by any user - accidentally or intentionally. To protect Web based access afterwards an IGW/100-92 is simply installed in immediate proximity of the automation components which shall be protected and is configured as HTTP security proxy server. Thus the IGW/100-92 is the only interface for external browser access. The IGW/100-92 transforms any external Web access and forwards it to the particular local Web servers, which do not take notice of the interconnected control and filter entity and hence must not be modified. Proxy Functios for FTP and TelnetBeside the HTTP access it is possible to protect any TCP-Server as well as the Telnet and FTP access of automation components with the IGW/100-92. Then the external access is only possible via SSH or VPN tunnel. The implementation of the local servers is done by the IGW/100-92. All software functions are easily configured with a web based user interface (please see figure above). |
|
IGW/100-92
|
Last Update: 2010-05-27
|