Contact
Tel: +49 711 45894-600
E-Mail: sales(at)ads-tec.de
IT security – The Industrial Firewall (IF) offers an Endpoint Security Solution for plants and machinery used directly in the switchboard. The simple and intuitive setup of the firewall supports quick and smooth start-up, while allowing the unit to adapt even the highest demands on IT security solve and to score as the Central Remote Maintenance.
Compact design Well-proven and solid
• Robust aluminium diecast case suitable with top-hat rail
Display and keypad Important information at a glance
• Active monochrome display, can be locked from unauthorized operation and viewing or completely be deactivated
• Status monitoring and configuration can be accomplished directly by display and keypad
Sim card Configure plug & play
• The entire firewall configuration can be stored on a
Sim card which you can purchase as an option
• Sim card reader on the firewall for back-up and restore applications
CUT & STOP 100% security in critical phases
• CUT & STOP physically disconnects the LAN IN port from the network
• CUT & STOP can be triggered per software, by a control input
or key switch
• This way, the machine can quickly be disconnected from the network in critical situations,
or the other way round, intentionally be connected to the network for
remote maintenance
Managed switch with 4 ports Flexible data routing
• Up to 4 machines can be connected in the same or in different
subnets without any interference or IP conflicts
• Each port can individually be disconnected in order to avoid
any unauthorised overhearing of data traffic
Modem connection DSL, UMTS, ISDN, GPRS or analogue connection
• The firewall can directly be connected to an analogue, ISDN or
GPRS modem via RS-232
• For access via DSL or UMTS, the modem can directly be connected with the LAN IN
interface of the IF1000 series device
• The web interface of the firewall is used for configuration, as well as for selecting a
certain connection type
Options and accessories For extra security
• NV-RAM – For locations with particularly strong security requirements, the
firewall can be equipped with a power-fail proof NV-RAM, Log entries are then even available after a power cut
IDA light administration tool Central administration
• ads-tec provides a central administration tool for management
of larger numbers of firewalls within a network, which is used
for central administration.
• IDA light is permanently included in the scope of delivery without any additional costs
Secure NOW! Security at the push of a button
• Automatic rule generation from the online traffic currently passing through the firewall
• No IT know-how required in order to ensure the basic machine protection
• Rules generated automatically can be edited and adapted
Creating rules manually Filtering on layer 2 and layer 3
• Predefined filter rules and rulesets, e.g. for POP3, ModbusTCP or Profinet
• Creation of precisely tailored rules and filters by using the web interface
• Establishment of MAC and IP groups in order to simplify the creation of shared rules for different subscribers
Big-LinX The Remote Service Cloud
• Big-LinX is an integrated VPN server with web portal, where all enquiries of remote maintenance accumulate from worldwide
allocated IF1000 VPN Routers
• Remote maintenance environments based on virtual machines can be fully integrated and assigned with the corresponding machine – every remote maintenance enquiry can be edited separately in every virtual machine
• Smart Card Security for maximum safety
• The user and rights management ensures that each service technician can only communicate with the assigned machines
• The integrated documentary and machine database of the web portal facilitates all processes within the service team
• Due to the advice module service technicians can be informed promptly, if outstanding enquiries of remote maintenance arrive
• High scalability – the solution is conceived for machine parks in the order of 10.000 machines
• Full solution can be installed directly within the datacenter or also be provided by ads-tec’s hosting services
Remote maintenance from everywhere Global network
• The use of existing concepts for connecting the field engineers with the company network can be continued
• The service engineer first connects with the home network, as usual, and then gets into the corresponding machine network via the
home network
Multi-User Rights for parameterization limitable
•The integrated rights management allows allocation of rights for parameterization of devices on user level
Simple rollout Fast and without administrative costs
• Administration costs involved in the individual configuration and documentation of firewalls in typical remote maintenance solutions with worldwide distributed systems should not be underestimated
• The IF1000 series provides for all options up to a completely automatic configuration of individual devices by means of automatic certificate enrolment (SCEP) and dynamic IP addresses for VPN adapters
Remote Capture
• Remote Capture Interface for Wireshark (Network Protocol Analyzer) – allows the diagnose with Wireshark through „rpcapd“.
Certificates, encryption and passwords Security comes first
• Each VPN tunnel can be strongly encrypted, and is additionally secured by certificates or by a password
• Tunnel establishment can be combined with a key switch in order to introduce the “four-eyes-principle”
in remote maintenance – this ensures that unsupervised access is excluded
• Different tunnels can be provided with different access rights - each subscriber gets only access to their part of the system
