Secure communication for machines and systems - Microwall VPN - W&T
June 14, 2021
To protect a machine and the surrounding network equally, the unit is first isolated in its own network segment. This can be an individual computer, a single machine or even an entire system. The Microwall VPN routes this device island securely and simply into the company intranet. Simple and intuitive filter rules protect sensitive island communication from harmful events in the intranet and from undesired access. Remote maintenance of and remote access to the devices in the island network, as well as management of the Microwall VPN itself, can be carried out over a WireGuard VPN tunnel, with the Microwall VPN operating as VPN server or as VPN client.
The Microwall VPN moves sensitive components or subnets into a separate island network and separates them from the higher-level company intranet. For remote maintenance, remote support, etc., a WireGuard VPN server is available which provides selected VPN clients with secure, dedicated and firewall-protected access to the island stations.
All connections between the networks must be expressly permitted by rules based on source/destination IP and the TCP/UDP port numbers used. Communication with undocumented and/or undesired services is prohibited, and harmful events such as overload are kept away from the island.
The firewall rules and VPN management are administered simply and clearly using the Microwall VPN web pages and are uniformly whitelist-based. Any communication which is not expressly permitted in the form of a rule is blocked.
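The whitelist model described above, as an added example (not W&T's code and not the Microwall VPN's actual rule format): a flow passes only if a rule matches its source, destination, protocol and port, and everything else is blocked. The `Rule` fields, rule names, addresses and the `broad_rules` review helper are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:              # hypothetical rule shape, not the device's format
    name: str
    src: str             # source network, CIDR notation
    dst: str             # destination network, CIDR notation
    proto: str           # "tcp" or "udp"
    port: int            # destination port

def decide(rules, src_ip, dst_ip, proto, port):
    """Return the name of the rule permitting the flow, or None (default deny)."""
    s, d = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for r in rules:
        if (s in ipaddress.ip_network(r.src) and d in ipaddress.ip_network(r.dst)
                and proto == r.proto and port == r.port):
            return r.name
    return None

def broad_rules(rules, max_hosts=256):
    """Rules whose source or destination spans more than max_hosts addresses."""
    return [r.name for r in rules
            if ipaddress.ip_network(r.src).num_addresses > max_hosts
            or ipaddress.ip_network(r.dst).num_addresses > max_hosts]

# Constructed sample: intranet 10.20.0.0/16, island 192.168.10.0/24
RULES = [
    Rule("scada-to-plc-modbus", "10.20.5.10/32", "192.168.10.20/32", "tcp", 502),
    Rule("plc-to-ntp", "192.168.10.0/24", "10.20.0.1/32", "udp", 123),
    Rule("intranet-to-hmi-https", "10.20.0.0/16", "192.168.10.30/32", "tcp", 443),
]

# Constructed flows: (source, destination, protocol, destination port)
FLOWS = [
    ("10.20.5.10", "192.168.10.20", "tcp", 502),   # permitted host and service
    ("10.20.7.99", "192.168.10.20", "tcp", 502),   # same service, unlisted source
    ("10.20.5.10", "192.168.10.20", "tcp", 80),    # listed source, unlisted service
    ("192.168.10.20", "10.20.0.1", "udp", 123),    # island to intranet time server
    ("192.168.10.20", "10.20.0.1", "tcp", 123),    # right port, wrong protocol
]

if __name__ == "__main__":
    for flow in FLOWS:
        hit = decide(RULES, *flow)
        print(flow, "->", f"ALLOW ({hit})" if hit else "BLOCK")
    print("rules to review for scope:", broad_rules(RULES))
```

The scope check is a review aid: a rule that opens a whole intranet range to an island station is still a whitelist entry, but it is the kind of entry worth narrowing to the hosts that actually need access.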
Similar to a traditional DSL internet connection, the entire island network is incorporated into the intranet via just an IP address of the intranet. No intervention into the routing concept of the intranet is necessary. Operation of multiple island networks having the same IP ranges is also possible in this mode. This gives machine and system manufacturers the possibility of operating internal networks with a uniform series IP configuration - no cumbersome adaptations to the customer's infrastructure.
The Microwall VPN works like a traditional router with the island network made known in the intranet in the form of static routes.
The Microwall VPN uses the WireGuard platform as a VPN solution for remote access. Compared with other VPN solutions, this offers advantages such as high data throughput and simple management with a high level of security and stability. Details and current information about WireGuard can be found at https://www.wireguard.com. The Microwall VPN can provide a VPN client or VPN server endpoint on your intranet connection. Depending on the application, external WireGuard clients can dial in to the islands, or the Microwall connects as a VPN client - for example into your service network.
Datasheet Microwall VPN 55211