Enhanced Industrial Firewall HC-ISG V2.0

Enhanced Industrial Security Gateway HC-ISG V2.0 (Enhanced Industrial Firewall) is a security gateway product specifically designed for the field of industrial control security. It can effectively provide information security protection for industrial control systems such as SCADA, DCS, PCS, PLC, RTU, etc.

HC-ISG V2.0 (mainly solves the security protection issues of industrial infrastructure in the network environment when it is attacked by viruses, hostile forces, and staff misoperation).

The HC-ISG (V2.0) series industrial firewall is based on a professional hardware platform, highly integrated with a secure operating system platform and driver configuration module to form a stable framework layer, and then develops basic modules such as system management, policy management, user management, routing management, and security management based on the framework. By effectively combining the foundation layer and framework layer, the stable operation of traditional and industrial network protection at the business layer is ultimately ensured.

1. Supports parsing and access control functions for multiple protocols including OPC, Modbus, Ethernet/IP, IEC104, DNP3, Siemens, GE, etc.

2. Deeply detect and defend against multiple industrial protocols.

3. The intelligent protocol recognition function uses passive detection to collect data packets from the network and parse them.

4. Self learning and auxiliary rule generation.

5. Support dynamic port opening function to enhance security protection properties.

6. Equipped with poison filtering function.

7. Compare web traffic with URL filtering databases to block access to malicious websites.

8. Built in intrusion attack rule library.

9. Provide comprehensive network scanning and protection functions, capable of detecting and recording scanning behaviors on all interfaces and protected networks.

10. Dos/DDos attack protection.

11. Equipped with ALG function, it parses the application layer information of parent connections, obtains child connection information, and controls both parent and child connections of multi connection protocols. It supports FTP, SQLNET, H323, and OPC protocols.

12. IP/MAC binding.

13. Statistically analyze traffic based on parameters such as IP address, network service, time, and protocol type.

14. Can manage and configure bandwidth, prioritize ensuring industrial control business bandwidth, and guarantee business continuity.

15. Provide a complete log management platform to audit access operation records.

16. Flexible device deployment.

17. The device supports BYPASS and dual machine hot standby.

18. User authentication can be done through three methods: local authentication, Radius authentication, and Ldap authentication.

19. Administrators can configure authentication and bind UKEY to enable two factor authentication.

20. Support load balancing function, which can balance network traffic across multiple servers according to security policies.

21. Support many to one and many to multi-source NAT; Support destination NAT.

22. Equipped with VPN function.

23. Support a network environment with dual protocol stacks of IPv4 and IPv6, and enable mutual conversion between the two protocols.