Industrial firewall with easy-to-implement solution for isolating network components

01-09-2022 | W&T | Subs & Systems

W&T has added the Microwall Bridge to its range of industrial firewalls. It is an easy-to-implement solution for isolating network components during continuous operation, without needing to touch the sensitive IP configuration.

The practical implementation of network segmentation in expanding structures is usually challenging: it means connecting networks that range from huge CNC machining centres, through various terminal devices, to the smallest embedded devices such as sensors, actuators, or switches, into a complex overall system. Since conventional segmentation is accomplished using routers at the IP level, it almost always requires cumbersome reconfiguration of the basic IP parameters of all the components involved. Even if the necessary access data are available, there is still an exceedingly high risk of errors, and the resulting troubleshooting inevitably leads to a production standstill.

To prevent such stoppages and to protect components for which the access parameters have been lost, the device provides a quasi-plug-and-play solution in two steps. First, the devices or function groups to be protected are combined on the physical level using Ethernet switches. The uplink to the surrounding main network remains intact during this phase, so the only dropout occurs while the network cable is actually being plugged in. Then the device is switched into the uplink to the main network. The web interface is used to release the required communication connections between the main network and the isolated network. The IP setup of the relevant devices remains untouched.

Because it requires minimal integration effort, the IP-transparent security enhancement minimises the otherwise common dropout risk. It also provides a very simple emergency fallback in case a device fails. The device protects vulnerable systems, including machines or older systems such as services with known security gaps, from malware and undesired access. Whitelist-based filter rules ensure that only explicitly enabled communication takes place.

By Seb Springall