Trend Micro EdgeFire 1012
Industrial next generation firewall series
Get a Quote!
Modernization and interconnection are the keys to this connected world. This revolution bridges the gap between Information Technology (IT) and Operational Technology (OT). Usually IT and OT technologies are operated separately, each with its own network, maintenance task force, goals, and needs. Furthermore, the typical OT network connects with a massive number of assets that were not designed for the modern corporate network, and as a result it is extremely difficult to conduct timely updates and patching to maintain protection of critical assets.
EdgeFire, the Next Generation Firewall, enables network segmentation and segregation to divide the network into different zones of control, even down to the cell level. Featuring network access control and network attack prevention for critical assets, the EdgeFire is designed for in-depth cyber defense to streamline OT daily operations.
Take control of mission-critical machines
EdgeFire is sensitive to a wide variety of network protocols. It can use these to make OT-aware operational command trust lists as well as trust lists based on other parameters.
Improve shadow OT visibility
EdgeFire comes equipped to make your IT and OT networks as integrated and coordinated as possible. It also grants visibility into your shadow OT environment.
Centralize on one console
Pattern updates, firmware management, and provisioning can all be centralized on a large scale. For facilities with multiple EdgeFire nodes, OT Defense Console (ODC) can help administer and manage those nodes alongside any operative EdgeIPS nodes.
Easy on-site deployment and network segmentation
We built EdgeFire with a special focus on network segmentation. It enables networks to be set up into easily defensible security zones based on each asset’s operational needs without changing existing topology.
Protect vulnerable unpatched devices and legacy systems
Virtual patch, a signature technology of the Edge series, is a network-based behavior that secures assets past end-of-service or when they’re otherwise unpatchable. It places a “shield” around these assets, protecting their vulnerabilities from being exploited by intruders.
Built for peak performance even in harsh temperatures
EdgeFire is ready for deployment in harsh worksite environments in temperatures ranging from -40 to 75 degrees Celsius or -40 to 167 degrees Fahrenheit. It has a mean time between failure (MTBF) of over 700,000 hours.
Robust, resilient firewall provides security, stability and convenience
- Segment networks and isolate connectivity both to and between facilities as well as production zones.
- Works excellently stand-alone, or synergizes well with Centralized Management System “OT Defense Console”.
- Certified industrial-grade hardware with compact size, dual power input, a wide thermal operation range, and durability tailored for industrial cabinet design and OT environments.
Detect and intercept threats with hardware specially created to prevent worms from spreading
- Immediate and continuous threat protection through flexible deployment options that are easily installed and managed using the centralized management interface.
- Protect vulnerable unpatched devices and legacy systems.
- Signature-based virtual patching protects your assets against OT exploits.
- Use segmentation to create production zones, reducing the damage of misoperation or cyberattack.
Enable full visibility of your Shadow OT network
- Operate with a high level of asset visibility using passive asset identification and IT/OT traffic communication within OT networks.
- Minimize downtime for patching or maintenance.
- Increase Shadow OT visibility.
- Purify OT network communication.
- Smooth event monitoring and log creation.
- View and query event logs with built-in log viewer.
OT-Aware Operational Intelligence
The EdgeFire’s core technology, TXOne One-Pass DPI for Industry (TXODI), gives you the ability to create and edit Allowlists, allowing for interoperability between key nodes and deep analysis of L3-L7 network traffic.
Improve Shadow OT Visibility By Integrating IT and OT Networks
EdgeFire comes equipped to make your IT and OT networks as integrated and coordinated with each other as possible, and to grant visibility of your shadow OT environment.
Signature-Based Virtual Patching
Through virtual patching your network has a powerful, upto-date first line of defense against known threats. Users have superior control of the patching process, which creates a pre-emptive defense during incidents, and provides additional protection for legacy systems.
Switch between Two Flexible Modes, ‘Monitor’ & ‘Protect’
EdgeFire flexibly switches between ‘Monitor’ and ‘Protect’ modes. Monitor mode and protect mode preserve your productivity while maximizing security.
Supports a Wide Range of Industrial Protocols
EdgeFire supports OT protocols including Modbus, Ethernet/IP, CIP, and more, allowing OT and IT security system administrators to collaborate. This allows for seamless connection to existing network architecture.
Top Threat Intelligence and Analytics
EdgeFire provides advanced protection against unknown threats with its up-to-date threat information. With the help of the Zero Day Initiative (ZDI) vulnerability reward program, EdgeFire offers your systems exclusive protection from undisclosed and zeroday threats.
Flexible Segmentation and Isolation
EdgeFire is the ideal solution for segmenting a network into easily managed security zones.
Pattern updates and firmware management can both be centralized on a large scale. For facilities with many EdgeFire nodes, the OT Defense Console (ODC) can help administer and manage them by group, reducing costs and improving performance.
|EdgeFire 1012 Specifications|
|Threat Prevention Throughput||200Mbps at least (IMIX) / 600Mbps (UDP 1518 bytes)|
|Latency||<500 micro seconds|
|Concurrent Connection (TCP)||100,000|
|Supported ICS Protocol||Modbus／EtherNet IP / CIP / FINS / S7Comm/ S7comm+/ TOYOPUC, with more being added regularly|
|Policy Enforcement Rules||512 Rules|
|ICS Protocol Filter Profiles||32 Profiles|
|Form Factor||DIN-Rail mounting , Server Rack Mount and Wall mounting (with optional kit)|
|Weight (Stand-Alone Device)||1381g (3.044 lb)|
|Dimensions (W x D x H)||180mm x 120mm x 50mm (7.09 x 4.72 x 1.97 in)|
|Network Interface Type||8 x Auto-sensing 10/100/1000 Mbps ports (RJ45 connector)
2 x 100/1000 fiber optic ports and 2 x Auto-sensing 10/100/1000 Mbps Copper ports (Combo)
|USB Interface||1 x USB v2.0 Type-A|
|Management Interface (Web Console)||LAN Interface|
|Management Console Interface||RJ-45 Console|
|Power Input||9/12/24/48 VDC, Dual Redundant Inputs (2 x 3 Pin Terminal Block, Shall Locate in front panel); Reverse Polarity Protection Supported. (* 12V VDC Recommended)|
|Power Supply||Dual Power input, total 6 pin terminal block|
|Operating Temperature||-40 to 75 ˚C (-40 to 167 °F )(Wide Temperature)|
|Ambient Relative Humidity||5 to 95% non-condensing|
|Non-operating / Storage Temperature||-40 to 85 °C (-40 to 185 °F )|
|Non-operating / Storage Relative Humidity||5 to 95% non-condensing|
|Vibration||IEC 60068-2-6, IEC 60068-2-27, IEC 60068-2-64 (without any USB devices attached)|
|Mean Time Between Failure (MTBF)||700,000 hours +|
|Safety Certification||CE ,UL,UL 60950-1|
|Electromagnetic Compatibility||EMI: CISPR 32, FCC Part 15B Class A
EMC: EN 55032/35, VCCI Class A
|Green Product||RoHS, RoHS2, CRoHS, WEEE|
* Note: Performance is measured in a Laboratory, performance values may vary according to test condition and system configuration