Protection of industrial automation networks against unauthorized access and setup of a DMZ (protected zone) possible for data exchange with other networks without having to grant direct access to the production network.
Through implementation of the cell protection concept:
Protection of any Ethernet-based programmable controllers and automation systems which do not have their own security functions
Protecting several devices simultaneously
Reduction in risk by means of network segmenting (by generating secure communication islands)
Safeguarding of communication to and from the automation cells is possible
User-specific firewall rules can be used to assign specific access privileges to users and not just to devices.
System-wide network diagnostics thanks to integration into IT infrastructures and network management systems by means of SNMP
Safeguarding of remote access via the Internet. Using PPPoE and DynDNS, dynamic IP addresses can also be applied.
Problem-free integration into existing networks without reconfiguring terminal nodes or setting up new IP subnetworks
Module replacement without the need for a programming device, using the C-PLUG swap media for backing up the configuration data
Direct integration in ring structures and FO networks is possible (SCALANCE S627-2M)
