Moxa EDF-G1002-BP Series
2-port Gigabit industrial next-generation LAN firewalls
Properties
Description
Further Information
Print this page
Request Price
show my notes
PDF
Properties
Description
Further Information
PDF
- Bump-in-the-wire installation without impacting the network
- Gen3 LAN Bypass for system fault tolerance
- Industrial-grade Intrusion Prevention/Detection System (IPS/IDS)
- Examine industrial protocol data with Deep Packet Inspection (DPI) technology
- Supports Secure Boot for checking system integrity
- Check firewall policy misconfiguration with just one click
- Supports MXstudio for easy, visualized industrial network management
The EDF-G1002-BP Series is an industrial-grade LAN firewall with IPS and DPI functionality to protect mission-critical assets and network zones. These industrial firewalls support software-configurable Gen3 LAN bypass to achieve bump-in-the-wire installation and minimize the installation impact for industrial applications such as ITS, pump-and-treat systems in water stations, distributed control systems in oil and gas, and PLC/ SCADA systems in factory automation.
Dynamically Prevent Malicious Cyber Threat Activity With IPS/IDS
The EDF-G1002-BP Series is designed to protect mission-critical assets at the OT network edge with advanced intrusion prevention and detection systems (IPS/IDS). It analyzes network traffic in the background and enables behavior monitoring and awareness of cyber activities. These firewall devices support both a ?Monitor? and ?Protect? mode to facilitate different OT scenarios. ?Monitor? mode gives administrators full visibility of cyberthreat activities on the network. If a threat is detected, administrators can easily switch to ?Protect? mode to block and contain any malicious operations.
Industrial Deep Packet Inspection for Mission-critical Assets
The EDF-G1002-BP Series supports advanced Deep Packet Inspection (DPI) technology, providing awareness of industrial protocol data and allowing for granular command of control system traffic to critical controllers.
Virtual Patching and Intelligent Threat Protection
Frequent patching boosts protection against cyberthreats. However, patching continues to be a major challenge in OT environments because OT applications cannot afford to interrupt operations by shutting down systems to apply patches. Virtual patching technology can help complement existing patch management processes by shielding known and unknown vulnerabilities. Virtual patching acts as an agentless emergency security tool that OT administrators and operators can use to quickly address vulnerabilities on affected OT equipment. The EDF-G1002-BP Series provides advanced protection against threats with up-to-date threat information and guards your systems against undisclosed and zero-day threats.
Centralized Network Security and Policy Management
The EDF-G1002-BP Series helps administrators and operators understand the real-time status of OT systems. When connected to Moxa?s MXsecurity centralized security management platform, administrators can manage and monitor all the intrusion prevention systems from a single space. MXsecurity provides an efficient way to monitor security assets, and execute policy, firmware, configuration, and pattern updates
Specifications
| Input/Output Interface | |||
|---|---|---|---|
| Alarm Contact Channels | Resistive load: 1 A @ 24 VDC | ||
| Buttons | Reset button | ||
| Digital Input Channels | +13 to +30 V for state 1 -30 to +3 V for state 0 Max. input current: 8 mA |
||
| Ethernet Interface | |||
| 10/100/1000BaseT(X) Ports (RJ45 connector) | 3 (2 x LAN ports, 1 x MGMT port) | ||
| Standards | IEEE 802.3 for 10BaseT IEEE 802.3u for 100BaseT(X) IEEE 802.3ab for 1000BaseT(X) IEEE 802.3x for flow control |
||
| Ethernet Software Features | |||
| Management | DDNS Web Console (HTTP/HTTPS) LLDP SNMPv1/v2c/v3 Telnet TFTP SSH |
||
| Concurrent Connections | Max. 120K (based on RFC 3511) | ||
| Connections Per Second | Max. 6K (based on RFC 3511) | ||
| Security | Secure Boot RADIUS Trust access control TACACS+ SCP SFTP NTP authentication Syslog authentication |
||
| Time Management | NTP Server/Client SNTP |
||
| LED Interface | |||
| LED Indicators | PWR1, PWR2, STATE, BYPASS, USB | ||
| DoS and DDoS Protection | |||
| Technology | ARP-Flood FIN Scan ICMP Flood TCP Sessions Without SYN NMAP-ID Scan NMAP-Xmas Scan Null Scan SYN/FIN Scan SYN/RST Scan SYN-Flood Xmas Scan UDP Flood |
||
| Firewall | |||
| Throughput | Max. 40K packets per second/500 Mbps (based on RFC 2544) | ||
| Filter | DDoS Ethernet protocols ICMP IP address MAC address Ports |
||
| Intrusion Prevention System | Enabled by default. IPS pattern update functionality requires an additional license. | ||
| Deep Packet Inspection | Modbus TCP Modbus UDP DNP3 IEC 60870-5-104 IEC 61850 MMS EtherNet/IP MELSEC Omron FINS OPC UA Siemens S7 Comm. Siemens S7 Comm. Plus Additional protocols will be supported through future firmware updates. |
||
| Real-time Firewall Event Log | |||
| Event Type | Firewall events Protocol DPI and IDS/IPS events |
||
| Media | Syslog server Local storage SNMP Trap |
||
| Serial Interface | |||
| Console Port | RS-232 (TxD, RxD, GND), 3-pin (115200, n, 8, 1) | ||
| Connector | USB Type-C | ||
| Power Parameters | |||
| Connection | Removable terminal block | ||
| Operating Voltage | 9-36VDC [configurable to 7-36VDC] | ||
| Input Voltage | 12/24/48 VDC (DNV certified) Redundant dual inputs |
||
| Input Current | 0.69 A (max) | ||
| Reverse Polarity Protection | Supported | ||
| Physical Characteristics | |||
| Housing | Metal | ||
| Dimensions | 35 x 125 x 100 mm (1,38 x 4.92 x 3.94 in) | ||
| Weight | 385 g (0.85 lb) | ||
| Installation | DIN-rail mounting (DNV certified) Wall mounting (DNV certified) |
||
| Environmental Limits | |||
| Operating Temperature | Standard Models: -10 to 60°C (14 to 140°F) Wide Temp. Models: -40 to 75°C (-40 to 167°F |
||
| Storage Temperature (package included) | -40 to 85°C (-40 to 185°F) | ||
| Ambient Relative Humidity | 5 to 95% (non-condensing) | ||
| Standards and Certifications | |||
| Safety | IEC 62368-1 UL 62368-1 |
||
| EMC | EN 55032/35 | ||
| EMI | CISPR 32, FCC Part 15B Class A | ||
| EMS | IEC 61000-4-2 ESD: Contact: 6 kV; Air: 8 kV IEC 61000-4-3 RS: 80 MHz to 1 GHz: 20 V/m IEC 61000-4-4 EFT: Power: 2 kV; Signal: 2 kV IEC 61000-4-5 Surge: Power: 2 kV; Signal: 2 kV IEC 61000-4-6 CS: 10 V IEC 61000-4-8 PFMF |
||
| Railway | EN 50121-4 | ||
| Traffic Control | NEMA TS2 | ||
| Maritime | DNV | ||
| Shock | IEC 60068-2-27 | ||
| Freefall | IEC 60068-2-32 | ||
| Vibration | IEC 60068-2-6 | ||
| Hazardous Locations | ATEX Class I Division 2 IECEx |
||
| MTBF | |||
| Time | 2,929,641 hrs | ||
| Standards | Telcordia (Bellcore), GB | ||
| Warranty | |||
| Warranty Period | 5 years | ||
Ordering Guide
| Model Name | 10/100/1000BaseT(X) Ports (RJ45 Connector) |
10/100/1000BaseT(X) MGMT Ports (RJ45 Connector) |
MXsecurity Support | Conformal Coating | Operating Temperature |
|---|---|---|---|---|---|
| EDF-G1002-BP | 2 | 1 | ✓ | - | -10 to 60°C |
| EDF-G1002-BP-T | 2 | 1 | ✓ | - | -40 to 75°C |
| EDF-G1002-BP-CT | 2 | 1 | ✓ | ✓ | -10 to 60°C |
| EDF-G1002-BP-CT-T | 2 | 1 | ✓ | ✓ | -40 to 75°C |
Accessories (sold separately)
| Storage Kits | |
|---|---|
| ABC-02-USB | Configuration backup and restoration tool, firmware upgrade, and log file storage tool for managed Ethernet switches and routers, 0 to 60°C operating temperature |
| ABC-02-USB-T | Configuration backup and restoration tool, firmware upgrade, and log file storage tool for managed Ethernet switches and routers, -40 to 75°C operating temperature |
| Mounting Kits | |
| WK-40-01 | Wall-mounting kit, 2 plates, 6 screws, 40 x 58 x 2 mm |
| Software | |
| LIC-MXsecurity-NEW-XN-SR | MXsecurity perpetual node license with customizable node quantity (minimum 1 node |
| LIC-IPS-MXsecurity-NEW-1Y-XN-SR | 1-year IPS license for MXsecurity with customizable node quantity (minimum 1 node |
| LIC-IPS-MXsecurity-NEW-XM-XN-DMR | IPS license for MXsecurity with customizable duration and node quantity (minimum 1 month, minimum 1 node) |
| LIC-IPS-MXsecurity-RENEW-1Y-XN-SR | 1-year IPS renewal license for MXsecurity with customizable node quantity (minimum 1 node) |
| LIC-IPS-MXsecurity-RENEW-XM-XN-DMR | IPS renewal license for MXsecurity with customizable duration and node quantity (minimum 1 month, minimum 1 node) |
| LIC-IPS-MXsecurity-ADD-1Q-XN-SR | 3-month IPS add-on license for MXsecurity with customizable node quantity (minimum 1 node) |
| LIC-IPS-MXsecurity-ADD-2Q-XN-SR | 6-month IPS add-on license for MXsecurity with customizable node quantity (minimum 1 node) |
| LIC-IPS-MXsecurity-ADD-3Q-XN-SR | 9-month IPS add-on license for MXsecurity with customizable node quantity (minimum 1 node) |
| LIC-IPS-MXsecurity-ADD-4Q-XN-SR | 1-year IPS add-on license for MXsecurity with customizable node quantity (minimum 1 node) |
| LIC-IPS-MXsecurity-ADD-XM-XN-DMR | IPS add-on license for MXsecurity with customizable duration and node quantity (minimum 1 month, minimum 1 node) |
| LIC-IPS-DEVICE-RENEW-1Y-1N-MR | 1-year device-based IPS renewal license |
| LIC-IPS-DEVICE-NEW-1Y-1N-MR | 1-year device-based IPS license |
Customers who viewed this item also viewed