Innominate EAGLE mGuard w/VPN-10 BD-301010 User Manual

Conventional gateway appliances are generally used

to protect entire networks or network segments using

a universal security standard. In this case, important

options can only be realized with great difficulty,

including alternate security levels, individually customi-

zed access rights or regulated access times. What’s

more, access lists and firewall rules, which have to be

administered across the network backbone, quickly

become too complex – increasing the danger of secu-

rity holes in the system.

With the EAGLE mGuard, you can assign each produc-

tion system its own security components – with indivi-

dual levels of security and specifically configured

access rights, as well as numerous other unique

advantages.

With the Innominate Device Manager (IDM) large

populations encompassing several thousand mGuard

appliances can be efficiently configured and mana-

ged. Due to the Innominate mGuard’s template-

based approach, the roll-out of numerous identically-

configured appliances can be carried out quickly and

conveniently. For intuitive monitoring and logging, the

mGuards communicate with all standard SNMP

Innominate’s EAGLE mGuard is at home in every

Ethernet-based production network. Its fields of

application are virtually unlimited. Regardless of

which production systems you currently use, regard-

less of which operating system you work with, with

this unique “device attached security” solution, you

can guarantee the highest security standards for uni-

form data communication companywide.

Various application scenarios for the EAGLE mGuard

exist, depending on the design of the network. For

example, office environments can be separated from

production environments. Individual production cells

can also be segmented via firewall functions. What’s

more, secure access can be set up for remote admi-

nistration via Internet, or a service port within the

network, allowing external technicians to carry out

maintenance on individual systems.

mGuard, the “device attached security”

solution from Innominate, unites all

functions to reliably protect IP con-

nections:

■

Configurable firewall – protects

the system from unauthorized

access from “outside”. The Stateful

Inspection Firewall filters data

packets based on the originating

and target address, blocking un-

desired data traffic – also from

“inside”.

■

VPN (optional) for secure data 

transmission via public networks

(hardware-based DES, 3DES and

AES encryption, IPsec protocol).

■

Integrated anti-virus protection

(optional) supporting the HTTP,

FTP, SMTP and POP3 protocols.

Anti-virus protection takes place

outside of the system. Therefore,

no incursion into the system takes

place – offering more protection

while assuring high performance

for the production.

■

High system availability through

the optional firewall redundancy.

Firewall policies and rules are

maintained redundantly. In the

case of an mGuard outfall, they

are automatically available for use

within the shortest time periods.