M2M Gateway Features Jari Lahti, CTO www.violasystems.com.

Slides:

Advertisements

Similar presentations

Integration of PAP site 17 th July 10. Requirements of PAP SITE  Bandwidth drop  Router  RJ45 cables  Switch  Gateway  Nodes  Ups  9urack.

Advertisements

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Module 5: Configuring Access for Remote Clients and Networks.

1 Configuring Virtual Private Networks for Remote Clients and Networks.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Principles of Information Security, 2nd Edition1 Firewalls and VPNs.

Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.

1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &

Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.

Wi-Fi Structures.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Lesson 1: Configuring Network Load Balancing

Guide to Computer Network Security

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.

Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

Improving Customer Satisfaction Through Advances in Remote Management Technology Greg Michel Product Manager Quintum Technologies Inc.

Remote Accessing Your Home Computer Using VNC and a Dynamic DNS Name.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.

DrayTek VPN Solution. Outline What is VPN What does VPN Do Supported VPN Protocol How Many Tunnels does Vigor Support VPN Application Special VPN Application.

Advanced Networking for DVRs

CLIENT A client is an application or system that accesses a service made available by a server. applicationserver.

And how they are used. Hubs send data to all of the devices that are plugged into them. They have no ability to send packets to the correct ports. Cost~$35.

CNT-150VT. Question #1 Your name Question #2 Your computer number ##

Networking Components Christopher Biles LTEC Assignment 3.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

1 Figure 5-4: Drivers of Performance Requirements: Traffic Volume and Complexity of Filtering Performance Requirements Traffic Volume (Packets per Second)

VPN for Sales Nokia FireWall-1 Products Complete Integrated Solution including: –CheckPoint FireWall-1 enterprise security suite –Interfaces installed.

EAGLE EAGLE - Functionalities Modular Ports : WAN PortSecured Port Twisted PairTwiited PairFX Multi Mode FX Single Mode FX Long Haul 1 RS232 Serial Port.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Intranet, Extranet, Firewall. Intranet and Extranet.

CHAPTER 2 PCs on the Internet Suraya Alias. The TCP/IP Suite of Protocols Internet applications – client/server applications The client requested data.

Internal NetworkExternal Network. Hub Internal NetworkExternal Network WS.

Viola Systems M2M solution installation

Cisco PIX firewall Set up 3 security zones ***CS580*** John Trafecanty Jules R. Nya Baweu August 23, 2005.

Common Devices Used In Computer Networks

Module 7: Firewalls and Port Forwarding 1. Overview Firewall configuration for Web Application Hosting Forwarding necessary ports for Web Application.

VNC Greg Fankhanel Jessica Nunn Jennifer Romero. What is it? Stands for Virtual Network Computing It is remote control software which allows you to view.

1 The Firewall Menu. 2 Firewall Overview The GD eSeries appliance provides multiple pre-defined firewall components/sections which you can configure uniquely.

Windows 7 Firewall.

Wireless Networks and the NetSentron By: Darren Critchley.

VIRTUAL PRIVATE NETWORK By: Tammy Be Khoa Kieu Stephen Tran Michael Tse.

15-1 Networking Computer network A collection of computing devices that are connected in various ways in order to communicate and share resources.

What’s New in Fireware v11.9.5

Packet Filtering Chapter 4. Learning Objectives Understand packets and packet filtering Understand approaches to packet filtering Set specific filtering.

Hp education services education.hp.com 10 Virtual Private Networks Version B.00 H7076S Module 2 Slides.

1 實驗九：建置網路安全閘道器教師：助教：. 2 Outline  Background  Proxy – Squid  Firewall – IPTables  VPN – OpenVPN  Experiment  Internet gateway  Firewall  VPN.

© 2006 Cisco Systems, Inc. All rights reserved. Cisco IOS Threat Defense Features.

ITGS Networks. ITGS Networks and components –Server computers normally have a higher specification than regular desktop computers because they must deal.

Components of wireless LAN & Its connection to the Internet

A machine that acts as the central relay between computers on a network Low cost, low function machine usually operating at Layer 1 Ties together the.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 2 ver.2 Module 8 City College.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 4: Planning and Configuring Routing and Switching.

CTC228 Nov Today... Catching up with group projects URLs and DNS Nmap Review for Test.

FIREWALLS What Is A Firewall? A computer firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality.

1 The Network Menu. 2 Static Routing The Static Routing functionality within GD eSeries allows users to easily configure static routes to networks not.

Networking Components William Isakson LTEC 4550 October 7, 2012 Module 3.

What's a Firewall? A security system that acts as a protective boundary between a network and the outside world Isolates computer from the internet using.

I NTRODUCTION TO F IREWALLS. O VERVIEW OF F IREWALLS As the name implies, a firewall acts to provide secured access between two networks A firewall may.

Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.

Network Security Solution. 2 Security Gateway Switch Network Security Products  Multi-Homing  VPN/Firewall  SPI Firewall  Anti-Virus  Anti-Spam 

Network Overview. Protocol Protocol (network protocols) - a special set of rules that define communication between two or more devices on a network.

Central Management of 300 Firewalls and Access-Lists Fabian Mauchle TNC 2012 Reykjavík, 21-May-2012.

WHAT’S A WIRELESS AP? AND WHY DO I NEED ONE? Network Components & How They Work.

TECH TIP – Videoconferencing settings for Apple AirPort Extreme wireless access point. SYMPTOM / ISSUE After connecting a set-top videoconferencing system.

2TCloud - Veeam Cloud Connect

Welcome To : Group 1 VC Presentation

VPN-Implementation Using UBUNTU OS and OpenVPN and Hamachi in client-server environment. By Ruphin Byamungu, Kusinza United States International University-Nairobi.

Digital Pacman: Firewall Edition

Guide to Computer Network Security

Presentation transcript:

M2M Gateway Features Jari Lahti, CTO

Viola M2M Gateway Industrial-grade gateway for Viola's Arctic Modems Connects SCADA network with GPRS or other network Offers mobile operator independent static IP addressing for connected Arctic Modems Easy and quick to install and configure Firewall and VPN for secure communication 2 x 10/100 Base-T Ethernet ports Hot Stand-By with secondary M2M Gateway Load Sharing with secondary M2M Gateway

M2M Gateway Versions Standard –19" 1U rack –up to 300 Arctic clients (unlimited, traffic dependent) Enterprise –19" 1U rack –up to 2500 Arctic clients (unlimited, traffic dependent) –redundant power supply, fans –redundant hard disks

Security Features Stateful inspection firewall –Filter rules for incoming, outgoing and routed traffic –Packet logging VPN –SSH-VPN between Arctic and M2M –L2TP between Arctic and M2M –OpenVPN between client computer (SCADA) and M2M Management –HTTPS, SSH –Console

Installation Requirements M2M installation requires fixed and public IP address to where the client devices can connect to Used ports (can be altered) –TCP port 22 (SSH-VPN) –TCP port (WEB UI) –UDP port 1701 (L2TP-VPN) –UDP port 1194 (OpenVPN) Installation either directly to public IP or to DMZ zone Internet eth0 Public IP Internet Public IP eth0 Private IP Company Firewall / router with port forwarding

SCADA Connection The M2M Gateway is transparent for SCADA communication - the traffic is only encrypted and capsulated to VPN SCADA can be connected directly to M2M Ethernet port or remotely by using OpenVPN software VPN OpenVPN clients available for Windows, Linux and Mac Internet eth0 Public IP SCADA eth1 Internet eth0 Public IP SCADA OpenVPN

Load Sharing Multiple M2M Gateways can be connected parallel Each M2M Gateway must be available on different IP address or different TCP/UDP port If SCADA is connected directly to M2M:s –configure static routes to SCADA PC –or enable proxy-ARP feature on M2Ms If SCADA is connected by using OpenVPN –separate OpenVPN connection to each M2M Each Arctic group connects primary to dedicated M2M SCADA Internet A B A B

Redundancy Each Arctic can connect primary and secondary M2M If the primary connection fails Automatic switching to backup happens Each M2M Gateway must be available on different IP address or different TCP/UDP port SCADA must be connected directly to M2M:s –enable proxy-ARP feature on M2Ms –when the SCADA PC makes ARP request the M2M gateway currently hosting the requested Arctic will reply Can be used together with Load Sharing Settings can be copied between M2M's SCADA Internet Backup M2M Primary M2M A A A B