Moxa EDR-G903 User Manual
1
w w w. m o x a . c o m
i n f o @ m o x a . c o m
Industrial Network Security and Management
EDR-G903 Series
The EDR-G903 series is a high performance, industrial VPN server
with firewall/NAT all-in-one secure router. It is designed for Ethernet
security applications in sensitive remote control or monitoring
networks, and provides an Electronic Security Perimeter for the
protection of critical cyber assets. The EDS-G903 series includes the
following cyber security features:
with firewall/NAT all-in-one secure router. It is designed for Ethernet
security applications in sensitive remote control or monitoring
networks, and provides an Electronic Security Perimeter for the
protection of critical cyber assets. The EDS-G903 series includes the
following cyber security features:
• Virtual Private Networking (VPN): VPNs are designed to provide
users with secure communication links when accessing a private
network from the public Internet. Uses IPSec (IP Security) server
or client mode for encryption and authentication of all IP packets at
the network layer to ensure confidentiality and sender authentica-
tion.
network from the public Internet. Uses IPSec (IP Security) server
or client mode for encryption and authentication of all IP packets at
the network layer to ensure confidentiality and sender authentica-
tion.
Industrial VPN secure routers, 2 WAN/1 DMZ,
firewall/NAT, 25 VPN tunnels
• Firewall: Controls network traffic between different trust zones.
Network Address Translation (NAT), which shields the internal LAN
from unauthorized activity from outside hosts, is included.
from unauthorized activity from outside hosts, is included.
The EDR-G903 supports one WAN, one LAN, and a user-configurable
WAN/DMZ interface that provides high flexibility in different
applications such as WAN redundancy or Data/FTP server security
protection. The EDR-G903’s Quick Automation Profile function
supports most common Fieldbus protocols, including EtherCAT,
EtherNet/IP, FOUNDATION Fieldbus, Modbus/TCP, and PROFINET.
Users can easily create a secure Ethernet Fieldbus network from a
user-friendly web UI with a single click operation. In addition, wide
temperature models are available that operate reliably in hazardous,
-40 to 75°C environments.
WAN/DMZ interface that provides high flexibility in different
applications such as WAN redundancy or Data/FTP server security
protection. The EDR-G903’s Quick Automation Profile function
supports most common Fieldbus protocols, including EtherCAT,
EtherNet/IP, FOUNDATION Fieldbus, Modbus/TCP, and PROFINET.
Users can easily create a secure Ethernet Fieldbus network from a
user-friendly web UI with a single click operation. In addition, wide
temperature models are available that operate reliably in hazardous,
-40 to 75°C environments.
Specifications
Introduction
›
VPN security with IPSec (Server & Client Mode), L2TP and
PPTP functions
›
Firewall/NAT/VPN/Router all-in-one
›
High performance Gigabit copper/fiber combo port
›
WAN redundancy function with 2 WAN interfaces
and 1 LAN interface
›
Firewall with Quick Automation Profile for Fieldbus protocols
›
Network address translation (N-to-1, 1-to-1, and port forwarding)
›
Intelligent PolicyCheck and SettingCheck tools
›
-40 to 75°C operating temperature range (T model)
›
NERC CIP compliance
HONORABLE
MENTION
Award-winning Product
Technology
Standards:
IEEE 802.3 for 10BaseT
IEEE 802.3u for 100BaseT(X) and 100BaseFX
IEEE 802.3ab for 1000BaseT(X)
IEEE 802.3z for 1000BaseX
Protocols: SNMPv1/v2c/v3, DHCP Server/Client, TFTP, NTP, HTTP,
HTTPS, Telnet, SSH, Syslog, SMTP, LLDP, PPPoE, PPTP, Dynamic
DNS, QoS (Quality of Service), VRRP*
IEEE 802.3 for 10BaseT
IEEE 802.3u for 100BaseT(X) and 100BaseFX
IEEE 802.3ab for 1000BaseT(X)
IEEE 802.3z for 1000BaseX
Protocols: SNMPv1/v2c/v3, DHCP Server/Client, TFTP, NTP, HTTP,
HTTPS, Telnet, SSH, Syslog, SMTP, LLDP, PPPoE, PPTP, Dynamic
DNS, QoS (Quality of Service), VRRP*
*Available in Q2, 2012
Routing: Static routing, RIP V1/V2
Flow Control: IEEE 802.3x flow control, back pressure flow control
Flow Control: IEEE 802.3x flow control, back pressure flow control
Interface
WAN 1: 1 RJ45/fiber combo port
WAN 2 / DMZ: 1 RJ45/fiber combo port
LAN: 1 RJ45/fiber combo port
RJ45 Ports: 10/100/1000BaseT(X) auto negotiation speed
Fiber Ports: 100/1000BaseSFP slot
LED Indicators: PWR1, PWR2, FAULT, 10/100/1000M, DMZ/WAN
Alarm Contact: One relay output with current carrying capacity of 1 A
@ 24 VDC
WAN 2 / DMZ: 1 RJ45/fiber combo port
LAN: 1 RJ45/fiber combo port
RJ45 Ports: 10/100/1000BaseT(X) auto negotiation speed
Fiber Ports: 100/1000BaseSFP slot
LED Indicators: PWR1, PWR2, FAULT, 10/100/1000M, DMZ/WAN
Alarm Contact: One relay output with current carrying capacity of 1 A
@ 24 VDC
Digital Inputs: 1 input
• +13 to +30 V for state “1”
• -30 to +3 V for state “0”
• Max. input current: 8 mA
• +13 to +30 V for state “1”
• -30 to +3 V for state “0”
• Max. input current: 8 mA
Security Function
Firewall:
• Stateful inspection
• Filter: IP and MAC address, ports, protocol
• Bridge mode firewall
Quick Automation Profile: EtherCAT, EtherNet/IP, FOUNDATION
Fieldbus, LonWorks, Modbus/TCP, PROFINET, IEC 60870-104, DNP,
FTP, SSH, Telnet, HTTP, IPSec, L2TP, PPTP, RADIUS
NAT: N-to-1, 1-to-1, and port forwarding
VPN: IPSec, L2TP, PPTP
Encryption: DES, 3DES, AES
Authentication: Pre-shared key (PSK), X.509v3 certificates, MD5, SHA
Data Throughput: 500 Mbps (large packets)
VPN Throughput: 150 Mbps (AES-256, SHA-256)
• Stateful inspection
• Filter: IP and MAC address, ports, protocol
• Bridge mode firewall
Quick Automation Profile: EtherCAT, EtherNet/IP, FOUNDATION
Fieldbus, LonWorks, Modbus/TCP, PROFINET, IEC 60870-104, DNP,
FTP, SSH, Telnet, HTTP, IPSec, L2TP, PPTP, RADIUS
NAT: N-to-1, 1-to-1, and port forwarding
VPN: IPSec, L2TP, PPTP
Encryption: DES, 3DES, AES
Authentication: Pre-shared key (PSK), X.509v3 certificates, MD5, SHA
Data Throughput: 500 Mbps (large packets)
VPN Throughput: 150 Mbps (AES-256, SHA-256)
Power Requirements
Input Voltage: 12/24/48 VDC (9.6 to 60 VDC), redundant dual inputs
Input Current: 0.53 A @ 24 V
Input Current: 0.53 A @ 24 V