Overview
It is a painful process requiring costly investment to change the infrastructure of security countermeasure deployment, especially in an air-gapped network environment connected with a massive number of assets that were not designed for the modern corporate network.
EdgeIPS ensures the security of individual assets and small production zones through hassle-free transparent deployment, providing OT visibility and OT protocol filtering with the option of inline or offline functionality. This security solution is designed specifically to fit into your network without disturbing your pre-existing configurations.
EdgeIPS creates visibility and rock-solid cyber defense for the legacy systems and unpatched devices that make up the backbone of your production line, ensuring uninterrupted operation.
Control mission-critical assets
EdgeIPS uses its sensitivity to a wide variety of industrial protocols to inform trust lists that can block unfamiliar commands, as well as detailed traffic and event logs. This system facilitates easy communication between operational technology (OT) and IT security system administrators.
Secure legacy assets
Virtual patching creates a powerful, up-to-date defense against known threats. It is specifically designed to safeguard legacy operating systems and unpatched devices. Virtual patching is a network-based behavior that creates a “shield” around vulnerable devices without changing the asset.
Bring visibility to shadow OT
EdgeIPS integrates and coordinates OT networks with passive asset identification and IT/OT traffic communication. It creates visibility within the shadow OT environment, and requires no changes to network topology.
Fits seamlessly into production environments
EdgeIPS deploys transparently and has the ability to segment assets, significantly improving work site network defensibility. It minimizes downtime for patching and maintenance to fit around-the-clock production schedules. In short, EdgeIPS keeps the operation running.
Works well stand-alone or in concert
EdgeIPS transparent security boxes work well when deployed stand-alone in front of mission-critical assets and synergize excellently with our industrial, next-generation firewall, EdgeFire. Large-scale deployments of both can be managed from a single, centralized location with OT Defense Console.
Ruggedized to work well in harsh temperatures
Ready for deployment wherever you need it, EdgeIPS operates in temperatures ranging from -40 to 75 degrees Celsius or -40 to 167 degrees Fahrenheit. It has an extended mean time between failure (MTBF) of 700,000+ hours.
Features
Transparent Network Traffic Monitoring and control
EdgeIPS is designed for use in levels 1-3, in front of missioncritical assets or at the network edge. Its transparency and ability to sense your network traffic and production assets allow EdgeIPS to fit right into your network without disrupting operations.
OT-Aware Operational Intelligence
Our core technology for EdgeIPS, TXOne One-Pass DPI for Industry (TXODI), gives you the ability to create and edit Allowlists, allowing for interoperability between key nodes and deep analysis of L2-L7 network traffic.
Switch between Two Flexible Modes, ‘Monitor’ & ‘Protect’
EdgeIPS flexibly switches between ‘Monitor’ and ‘Protect’ modes. ‘Monitor’ mode and ‘protect’ mode preserve your productivity while maximizing security.
Improve Shadow OT Visibility By Integrating IT and OT Networks
EdgeIPS comes equipped to make your IT and OT networks as integrated and coordinated with each other as possible, and to grant visibility of your shadow OT environment.
Signature-Based Virtual Patching
Through virtual patching your network has a powerful, up-todate first line of defense against known threats. Users have superior control of the patching process, which creates a preemptive defense during incidents, and provides additional protection for legacy systems.
Top Threat Intelligence and Analytics
EdgeIPS provides advanced protection against unknown threats with its up-to-date threat information. With the help of the Zero Day Initiative (ZDI) vulnerability reward program, EdgeIPS offers your systems exclusive protection from undisclosed and zero-day threats.
Supports a Wide Range of Industrial Protocols
EdgeIPS supports OT protocols including Modbus, Ethernet/IP, CIP, and more, allowing OT and IT security system administrators to collaborate. This allows for seamless operation with existing network architecture.
Management Easily Centralized
Pattern updates and firmware management can all be centralized on a large scale. For facilities with many EdgeIPS nodes, the OT Defense Console (ODC) can help administer and manage them, reducing costs and improving performance.
Specifications
| EdgeIPS 102-BP-TM Specifications |
| Threat Prevention Throughput* |
200Mbps at least (IMIX) / 600Mbps (UDP 1518 bytes) |
| Latency* |
<500 micro seconds |
| Concurrent Connection (TCP) |
30,000 |
| Supported ICS Protocol |
Modbus / EtherNet IP / CIP / FINS / S7Comm/ S7comm+/ TOYOPUC, with more being added regularly |
| Policy Enforcement Rules |
512 Rules |
| ICS Protocol Filter Profiles |
32 Profiles |
| Form Factor |
DIN-rail mounting and Wall mounting (with optional kit) |
| Weight (Stand-Alone Device) |
322g (0.7098 lb) |
| Dimensions (W x D x H) |
40.2mm x 70.1mm x 83.3mm (1.58 x 2.75 x 3.27 in) |
| Network Interface Type |
2 x Auto-sensing 10/100/1000 Mbps ports (RJ45 connector) |
| USB Interface |
1 x USB v2.0 Type-A |
| Management Interface(Web Console) |
With Uplink port shared |
| Hardware Fail-over |
Hardware bypass |
| Management Console interface |
USB Type-C Console |
| Input Voltage |
12/24/48 VDC |
| Input Current |
0.483/0.241/0.127 A |
| Power Supply |
Dual-power input (4-pin terminal block, V+, V-) |
| Operating Temperature |
-40 to 75 ˚C (-40 to 167 °F )(Wide Temperature) |
| Ambient Relative Humidity |
5 to 95% non-condensing |
| Non-operating / Storage Temperature |
-40 to 85 ˚C (-40 to 185 °F ) |
| Non-operating / Storage Relative Humidity |
5 to 95% non-condensing |
| Vibration |
IEC60068-2-6 (without any USB devices attached) |
| Mean Time Between Failure (MTBF) |
700,000 hours + |
| Safety Certification |
CE ,UL,UL 60950-1 |
| Electromagnetic Compatibility |
EMI: CISPR 32, FCC Part 15B Class A
EMC: EN 55032/35, VCCI Class A |
| Green Product |
RoHS, RoHS2, CRoHS, WEEE |
* Note: Performance is measured in a Laboratory, performance values may vary according to test condition and system configuration
