Moxa Cybersecurity Network Security Solutions
Network Security Solutions
Protect your industrial networks from edge to cloud
The widespread adoption of the IIoT is resulting in more and more devices being brought online. While industry operators are keen to reap the benefits of digitizing automation, they are also faced with the increased risks that accompany this trend. For example, the fact that the network is isolated does not always mean that it is secure. As more devices become connected, the attack surface also increases, which makes networks more vulnerable to cyberattacks and unauthorized access. This lack of awareness about security issues can have serious consequences. For example, it only takes a very small cybersecurity breach to corrupt or delete a large amount of data, which can lead to significant production losses. Moxa helps users address the challenges they may encounter and build cybersecurity solutions that bring value to all industrial automation players.
Industrial Control System (ICS) networks used to be isolated and used air-gap protection to keep secure networks separate from unsecured networks. Even though industrial networks are continuing to connect more devices, most OT operators still rarely take cybersecurity defense into consideration. Due to the number of cyberattacks targeting the critical manufacturing sector, it is clear that ICS networks are at high risk of attack.
Segment networks to secure communications between components in different automation zones and cells.
View the security architecture here.
Network Segmentation for Zone and Cell Protection
The defense-in-depth security architecture divides the ICS network into protected individual zones and cells. The communication in each zone or cell is secured by firewalls, which further reduces the chance that the entire ICS network will fall victim to a cyberattack. Moxa's EDR Series consists of industrial secure routers that help operators provide zone and cell protection by using a transparent firewall that protects control networks and critical devices such as PLCs and RTUs against unauthorized access. By using this solution, there is no need to reconfigure network settings, which makes deployment faster and easier. The EDR-810 Series supports Moxa’s Turbo Ring redundancy technologies, which makes the deployment of network segmentation more flexible and economical. Moreover, Moxa’s Ethernet switches can create a virtual LAN (VLAN) to decompose each of the ICS domains into smaller networks that isolate traffic from other VLANs.
Learn How to Choose the Right Industrial Firewall: The Top 7 ConsiderationsDownload
Identify and scrutinize traffic between zones within the ICS network. View the security architecture here.
Traffic Control for Interaction Between Zones
Traffic passing between zones in an ICS network must be scrutinized in order to enhance security. There are several ways to implement this. One method is to have data exchanged via a DMZ, where the data server is accessible between the secure ICS network and insecure networks without a direct connection. Moxa's EDR-G903 Series can help achieve secure traffic control by utilizing user-specific firewall rules. The second method is for the EDR routers to perform deep Modbus TCP inspection by using PacketGuard to control actions and enhance traffic control. This method simplifies administration tasks and can protect against unwanted traffic from one network to another. In addition to firewalls, an Access Control List can be used to filter switches’ ingress packets by IP address or local IP, which allows network administrators to secure networks by controlling access to devices or parts of the network.
Secure remote access to the ICS Network.
View the security architecture here.
Secure Remote Access to the ICS Network
There are currently two solutions available to deal with the main requirements for secure remote access to applications. For constant connections, standard VPN tunnels are recommended. Moxa's EDR Series can use IPsec, L2TP over IPsec, or OpenVPN to set up encrypted IPsec VPN tunnels or OpenVPN clients. These methods protect data from being manipulated when it is being transmitted and ensure secure remote access between industrial networks and remote applications. Alternatively, if remote access is only required to be accessible on demand to specific machines or sensitive areas, then a management platform for all remote connections is required.
Moxa’s Solution Highlight
Quick Questions to Ensure Best Practices are being Followed
Do you think that there is no need to change the default password because your ICS network is isolated?
User-Friendly Security Management
Security Status at a Glance
MXview's Security View visualizes the security parameters of your network devices and shows their status on a single page.Learn More
Security Setup in 3 Steps
MXconfig helps you configure your network to meet established industrial standards in just three steps.Learn More
Fast Security Monitoring
MXview and MXconfig tools help both general industrial users and security experts efficiently manage device security levels on their networks.Learn More
With over 30 years of experience in industrial networking, Moxa draws on this expertise to help customers build secure networks by offering protection for PLCs, SCADA systems, factory networks, and remote access. Download the case studies to learn more.
Customer: Oil & Gas Service Company
High-capacity oil and gas pipelines are very volatile and often span thousands of kilometers. The pump stations along the pipeline are equipped with analyzers and PLCs. The company found it challenging to maintain a secure and stable network connection between the stations and the remote SCADA system because the PLCs and I/O devices did not have any security features.
To close the gap between the OT and IT worlds, Moxa offers coordinated solutions that are designed to completely protect your industrial networks.
Moxa’s product portfolio is based on the defense-in-depth concept that includes secure devices, secure network infrastructure, and security management.
Continuously Enhancing Security
Moxa takes a proactive approach to protect our products from security vulnerabilities and help our customers better manage security risks.
Development for IT/OT Security
Moxa has partnered with Trend Micro to respond to the growing security needs of industries as well as the security demands from IT/OT personnel.