Autonomous Hardware
-
Unified Security Management Platform UMP-1000F
The Unified Security Management Platform is a security management platform for industrial control systems. Building on the topology, resource, and alarm log data of the security devices in an industrial control system, together with configuration management capabilities for those devices, it meets the needs of day-to-day network-wide monitoring and management. It can also discover potential security threats, analyze abnormal behavior globally, and analyze security events, to achieve all-round, multi-dimensional management of the industrial control system.
Product Characteristics
1. Comprehensive log access and analysis capabilities: The platform supports the common log access methods. For access methods with special requirements, it can be flexibly customized, allowing it to integrate with many types of equipment, such as security equipment, network equipment, IT equipment, mobile equipment, and industrial control equipment.
2. Powerful expansion capability: The platform also provides a common interface that supports secondary development by users and low-cost integration of third-party equipment.
3. Reliable safety control: Supports baseline checks and identity authentication, decentralized, domain-based management, and centralized self-learning, creation, and application of blacklist and whitelist rules.
4. Efficient batch processing capability: Manages the device resource information of the whole network, supports batch configuration and batch upgrade, and improves real-time reporting and handling of network-wide alarms as well as the collection and analysis of massive volumes of logs.
Customer Value
1. Unified management to improve operation and maintenance efficiency: Supports setting and checking the security policies and security configurations of industrial control system security products (such as industrial firewalls, industrial monitoring and auditing systems, and industrial control host guards), covering problem discovery, root cause analysis, and configuration improvement. It also provides batch configuration and distribution, greatly improving operation and maintenance efficiency.
2. A clearer global perspective: Topology, resource information, logs, and alarm information for the whole network are easy to view, and custom statistical reports can be exported, so that hidden dangers can be found and security policies adjusted and improved from a macro perspective.
3. Protecting the security of network-wide data: Improves operational security through decentralized, domain-based management and policy management, and also protects data across the network through data storage and transmission protection, data backup, and other methods.
4. Big data dynamic analysis capability: Helps analyze the root cause of problems, dynamically perceives the security status and trends of the whole network, and analyzes abnormal behavior and potential harm.
Specifications
Product Model: UMP-1000F
Architecture: x86
Memory: 16GB
Storage: 2T
Installation Method: 1U rack
Enclosure: With fan
Overall size (width/height/depth): 440mm*44.5mm*550mm
Weight: 9.8kg
Power consumption: 300W
Power supply: Redundant power supply
Console Interface: 1 RJ45
USB Interface: 2
Management network port: 1 management network port
Onboard Network Port: 6 gigabit ports
Expansion Slots: 2
Panel LCD: Yes
Work environment: Temperature: 0 ℃ ~ 45 ℃; Humidity: 10% ~ 95% (non-condensing)
Storage Environment: Temperature: -10 ℃ ~ 55 ℃; Humidity: 10% ~ 95% (non-condensing)
-
Industrial Monitoring and Auditing System INA-200X-4E
Customer Value
1. Safety compliance: Audit data is securely retained to meet network security compliance audit requirements, in line with network security laws and regulations, including the security audit requirements for network area boundaries and important network nodes.
2. Security: Auditing covers every user and monitors abnormal network behavior, network attacks, and similar activity. It raises timely alarms, detects security risks early, provides reasonable security recommendations, and enables early intervention in network governance, avoiding the risk of downtime for the network and key facilities and avoiding major losses. For security incident analysis, fine-grained traffic restoration and audit capabilities provide real-time security warning and effective event restoration, strengthen post-incident analysis, investigation, and evidence collection, and support security incident tracing, avoiding continued damage to the industrial control system.
3. Easy to use: Easy to deploy and maintain. A variety of models is available to meet the needs of different environments, industries, and scenarios.
4. Intuitive, friendly web interface for easy use, management, and maintenance: Provides an open data interface that can be easily integrated with higher-level systems to make comprehensive use of network security audit data.
Product Characteristics
1. Deep protocol inspection and traffic restoration: The deep packet analysis intelligent engine supports most mainstream industrial control protocols, including ModbusTCP, IEC60870-5-104, DNP3.0, Siemens S7, CIP, Ethernet/IP TCP, Ethernet/IP UDP, Ethernet/IP IO, OPC DA, OPC UA, MMS, and FINS. The engine supports IP fragment reassembly and TCP segment reassembly, and raises warnings on malformed industrial packets. It also restores the instruction sets and data messages of industrial protocols from traffic, which provides the basis for tracing industrial control network security events.
2. Build a network map: Intelligently learns device assets, communication interfaces, and communication relationships.
3. Security audit and exception response: Audits security events and traces their trajectory in a timely manner; audits user behavior at fine granularity, making it easy to reconstruct what actually happened during an operation; and provides an independent alarm response mechanism in which responses can be defined for different levels of security events.
4. Real-time industrial network security monitoring: Monitors industrial networks in real time; audits and statistically analyzes elements such as protocols, traffic, date and time, users, event types, and whether events succeeded; and displays network security status in real time.
Specifications
Product Model: INA-200X-4E
Architecture: x86
Hard Drive: 128G SSD
Installation Method: DIN-rail installation
Enclosure: No fan
Overall size (width/height/depth): 74mm*148mm*134mm
Weight: 1.5kg
Power consumption: 45W
Power supply: Single power supply
Power input range: 24V, 6-pin terminal
Console Interface: DB9 form, 1
USB Interface: USB2.0 * 1, USB3.0 * 1
Management network port: 1 management network port
Onboard Network Port: 4 gigabit ports
-
Industrial Firewall IFW-200X-4E
The Industrial Firewall (IFW) is a security protection product. It uses industrial whitelist policy as its main means of protection, adopts adaptive security policy, and performs deep analysis and policy control of industrial protocols. It can divide security zones between the industrial control system and the enterprise's other systems and ensure technical security isolation between those zones, effectively addressing industrial network security problems such as zone security and traffic control. It is an indispensable device for enterprises building safe and compliant industrial control systems, protecting industrial control networks from current and future security threats.
1. Insight into industrial protocols to identify security risks: With deep identification of industrial protocols, the legitimacy of industrial protocol traffic can be checked, and the source of control instructions, command sets, function code sets, and register ranges can be configured. Malformed network packets and instruction messages outside the control range are blocked to ensure the safe operation of industrial equipment.
2. Integration of a variety of security functions to ensure industrial network security: The industrial firewall combines the functions of a traditional firewall with functions specific to industrial control security. It has a simple and efficient firewall policy and an industrial protocol policy with deep control. It offers common DDoS attack defense as well as traffic control to prevent flooding by video and other traffic. It supports security deployment in whitelist mode and, on top of the whitelist, additional screening against a vulnerability blacklist. By deploying a three-dimensional protection system, it fully guarantees the security of the industrial control network.
3. Simple deployment and flexible configuration, so security policy is no longer complex: The industrial firewall mainly uses whitelist self-learning, supplemented by flexible function code configuration, which simplifies deployment. For most deployments, users only need to click "Next" to complete setup. In addition, automatic aggregation of the whitelist reduces the difficulty of processing massive data.
4. Template copying and unified control to simplify deployment at scale: The industrial firewall can be managed on a stand-alone page or through a unified security management platform, which facilitates group deployment. It also provides industrial templates; users can extract templates on demand and roll out configuration templates, greatly simplifying the tedious steps of deployment at scale.
Customer Value
Specifications
Product Model: IFW-200X-4E
Architecture: x86
Memory: 8G
Hard Drive: 128G SSD
Installation Method: DIN-rail installation
Enclosure: No fan
Overall size (width/height/depth): 75mm * 147mm * 131mm
Weight: 1.5kg
Power consumption: 45W
Power supply: 24V, 6-pin terminal
Console Interface: DB9 form, 1
USB Interface: USB2.0 * 1, USB3.0 * 1
Management network port: 1 management network port
Onboard Network Port: 4 gigabit ports
Onboard bypass: 2 pairs
-
Industrial Firewall IFW-200X-4E
Specifications
Product Model: IFW-1000X-2F8E | IFW-1000X-6F4E
Architecture: x86 | x86
Memory: 16G | 16G
Hard Drive: 128G SSD | 128G SSD
Installation Method: Rack mounting | Rack mounting
Enclosure: No fan | No fan
Overall size (width/height/depth): 442mm*44.4mm*358mm | 442mm*44.4mm*358mm
Weight: 7.4kg | 7.4kg
Power consumption: 80W | 80W
Power supply: 220V redundancy | 220V redundancy
Console Interface: RJ45 form, 1 | RJ45 form, 1
USB Interface: USB2.0 * 2 | USB2.0 * 2
Management network port: 1 management network port, 1 HA interface | 1 management network port, 1 HA interface
Onboard Network Port: 8 gigabit ports, 2 Gigabit optical ports | 8 gigabit ports, 2 Gigabit optical ports
Onboard bypass: 4 pairs | 2 pairs
-
Anti-Ransomware
A ransomware attack can be divided into three stages: before, during, and after. Looking at attack techniques, an unpatched vulnerability is like an open door and becomes an important entry point for ransomware to penetrate the enterprise defense system. Finding unknown vulnerabilities is a challenge. Effectively blocking the exploitation of unknown vulnerabilities and stopping ransomware at an early stage is the basis for preventing ransomware attacks. Anti-Ransomware is a targeted product designed around the propagation methods and attack process of ransomware. It addresses ransomware along two dimensions, repairing system vulnerabilities and blocking vulnerability exploitation, and performs comprehensive kernel-level monitoring of network, file, process, and registry activity, intercepting abnormal behaviors and calls to prevent vulnerability exploitation attacks, including 0day attacks. In addition, the industrial anti-ransomware system inspects the network packets and behaviors entering the machine and can intercept vulnerability attacks at the network layer according to policy to block external attacks. The Anti-Ransomware product has four functions: evaluation, reinforcement, protection, and backup and recovery, which can accurately block ransomware attacks and improve the security of IT infrastructure.
Customer Value
1. Data protection: Anti-ransomware software can effectively prevent critical enterprise data from being maliciously encrypted, protecting business operations from disruption.
2. Financial savings: By preventing ransomware attacks, businesses avoid paying high ransoms and reduce potential financial losses.
3. Reputation maintenance: Anti-ransomware helps businesses protect customer information and avoid reputational damage due to data breaches.
4. Business continuity: With effective anti-ransomware software, enterprises can respond quickly when attacks occur, ensuring uninterrupted business.
Product Characteristics
1. Assess risks and reduce network exposure: Checks the security baseline of the host and evaluates whether the terminal has risks such as exploitable vulnerabilities, weak passwords, and open unsafe ports. It discovers security risks before security incidents occur, evaluates regularly, and determines the host's security risk level from the evaluation results.
2. System reinforcement to block propagation entry points: Effectively protects the disk boot area, system registry, key configuration items, and so on, preventing ransomware from using host system risks to penetrate and spread. The system is reinforced regularly according to the risk assessment results to continuously reduce system security risk.
3. Built-in antivirus engine to find known ransomware: Virus signature matching is one of the most common ransomware detection and removal techniques; for known viruses, matching against sample signatures is the simplest and most direct method. The heuristic scanning technique is in effect a dynamic debugger or decompiler implemented in a specific way, which decompiles the relevant instruction sequence to gradually understand and determine its real intent. Packed virus samples cannot be effectively found and handled by regular antivirus methods, so packing is usually handled by dynamic unpacking in a virtual machine.
4. Ransomware behavior detection to block unknown ransomware attacks: Ransomware has typical behaviors such as disk/file system traversal, ending processes, clearing services, encrypting files, encrypting disks, volume shadow copy deletion, and backup deletion. By detecting these typical behaviors, ransomware intrusion and destruction can be found effectively, the ransomware process can be blocked or terminated in time, and system security can be protected.
5. Ransomware trapping to actively lure ransomware into the open: Ransomware typically traverses the disk, reading and writing files. Some files are randomly generated on the disk as bait. These files have no meaning to normal applications and system processes and are generally not accessed. Access to the bait files is monitored; if a program operates on these trap files, it is very likely a ransomware attack.
6. Regular data backup to ensure uninterrupted business operation: Anti-Ransomware supports local data backup and external professional backup and recovery systems. Local data backup protects core data by storing it on a designated local disk at no additional cost.
Specifications
Product Model: ARS-W
Boot time: Anti-Ransomware startup delays system boot by less than 10 seconds
Memory footprint: Occupies less than 20M of system memory during normal operation
CPU usage: During operating system startup and large application startup, CPU usage does not increase by more than 5%
Operating System Impact: No effect on operating system functions
Memory leak: The software runs without memory leaks, can run stably for a long time, and will not affect the normal functions of the host
Supported System: Windows
Operating System Support: Win XP, Win7, Win8, Win10, Win11, Windows2003 Server, Windows2008 Server, Windows2012 Server, Windows2016 Server, Windows2019 Server, including 32-bit and 64-bit systems
Disc size (width/height/depth): 140mm * 190mm * 20mm
Weight: 20g
-
Industrial Control Host Guard
Industrial Control Host Guard is a protective product tailored for industrial control hosts. It monitors host process status and USB port status, and uses file load and execution control, mandatory access control, integrity protection, and other technical means to strengthen the security functions of the operating system, compensating for the weak security of general-purpose operating systems, improving the operating system's protection capability, and building a strictly controlled host security environment.
Customer Value
1. Whitelist protection for trusted applications: Based on a trusted whitelist mechanism with application signature, certificate, and other checks. Every program's characteristics are checked before loading, and only programs that match the whitelist can enter the running state, so malicious programs are stopped before they start.
2. Whitelist control of removable storage media: Restricts unauthorized USB peripherals from running on a specific host and allows only authorized, trusted USB devices to be used on the host, defending against attacks that use removable storage media. The removable storage media security policy can be subdivided into read/write, prohibit, and so on.
3. Integrity protection of specific objects: Application integrity protection and operating system integrity protection safeguard the runtime environment and process space, preventing tampering with the runtime environment, backdoor use, and buffer overflows.
4. Attack protection for the industrial control environment: Effectively defends against Stuxnet, Havex, Sandworm, and other industrial control viruses and their variants, and can also block the use of removable storage media on the industrial control host.
Product Characteristics
1) System reinforcement: Protects the integrity of files in specified directories, preventing malicious programs or operator error from injecting into, modifying, or deleting target files; specified registry entries can be protected against tampering; ransomware and its variants can be blocked with one click.
2) Application protection: Enforces the application whitelist and prohibits loading and execution of programs outside it. Program integrity check: confirms program integrity through fingerprint data such as certificate, version, and check value, preventing programs that are infected by a virus or tampered with from running.
3) Whitelist management: Whitelist generation, building the whitelist through automatic scanning; whitelist import and export.
4) Whitelist update: When you need to run new programs or add new network services or USB devices, these new settings can easily be added to the whitelist.
5) Security USB drive: A removable storage device based on an encryption chip, used together with the industrial control host guard. The security USB drive has two partitions: a public area and an encrypted area. Data in the public area is stored in plaintext and can be read and written by all machines; this area is used to exchange data with the external network. Data in the encrypted area can only be read and written by machines equipped with the host guard, so that area is for their exclusive use.
6) Removable storage media control: Removable storage media connections can generate security events; removable storage media can be managed with whitelist, read, write, and disable authorization; connections and data copies produce audit records.
Specifications
Product Model: ISG-200
Normal Operation Resource Usage: In normal operation, CPU consumption is not more than 1% and memory consumption is not more than 20MB
Curing Process Resource Occupancy: CPU usage does not exceed 50%, memory usage does not exceed 40MB
Compatibility: Supports 32-bit and 64-bit Windows/Linux operating systems and can run on the following operating systems:
Windows: Windows XP/7/8/10/11, Windows Server 2003/2008/2012/2016 in Chinese and English
Linux: Centos, Redhat, Ubuntu and other Linux operating systems
Domestic operating systems such as Concination, Winning Kirin, Galaxy Kirin, Kirin Principal, and New Start
Disc size (width/height/depth): 140mm * 190mm * 20mm
Weight: 20g