The mbNETFIX is an industrial firewall ideally suited for automation applications. It is a self-learning, easy-to-configure firewall that can be operated in bridge mode or gateway mode.
In Bridge Mode, it is ideal for retrofitting existing networks. It can be installed out of the box, without introducing changes in the network (it does not have an IP address), and once installed protects the network immediately. It protects data transfer between the WAN and LAN ports.
In Gateway Mode, selected areas of a network can be separated. WAN and LAN interfaces get separate IP addresses, thus segmenting the network. With this configuration, functions such as NAT and Forwarding can be used to route data traffic to secondary networks. Meanwhile the packet filter manages data exchange between the LAN and WAN. Using the learning mode, the creation of filter tables is greatly simplified.
The design concept of the mbNETFIX is based on “Security by Design” right from the start. In order to keep attack vectors as small as possible, a web interface was deliberately disregarded. The firewall is configured using configuration software via the USB port. For IT experts, an optional SSH interface is available.
Avoid address conflicts when installing new machines. Integrating a new machine in an existing production network can yield address conflicts, making machine installation longer and more expensive. mbNETFIX simplifies and shortens machine installation while preserving the internal network conventions.
The mbNETFIX’s integrated learning function monitors the traffic and the user can explicitly release or block the connections among the IP devices directly from a learned packet table. The built-in learning feature simplifies commissioning and does not require special IT skills.
With the integrated packet filter, the mbNETFIX protects networks. It blocks or releases traffic between WAN and LAN on both sides. Using the configuration software, users can use simple filter tables to determine which communications to allow or prohibit.
The mbNETFIX also has various NAT functionalities that can be configured via the configuration software. Thus, the firewall can be used to connect different networks, even if the IP address ranges are different. The device includes Simple NAT, Network NAT, DNAT (Port Forwarding), SNAT and Static Routes.
The configuration tool generates an RSA key pair during commissioning and transmits it to the mbNETFIX. The RSA key authentication replaces the classic password method and secures mbNETFIX from brute force attacks. Lastly, the convenient user role management, allows assignment of four user levels that have different rights.
|GC-MBC-NFH100||mbNETFIX NFH100||NFH 100|
We have the best technical support engineers that know how to use our products. If our Tech Support cannot solve your problem, we will contact the design engineer or manufacturer to help find a resolution.