MOXA has introduced IDS/IPS intrusion detection and prevention system based on EDR-G9010 industrial router and MXsecurity software to protect critical network infrastructure from cyber-attacks. EDR-G9010 is a multi-functional router with firewall, NAT, VPN and switch functions, and MXsecurity is a real-time cyber threat detection and central management software for EDR-G9010 series routers.
The EDR-G9010 router has 8 copper gigabit ports and two 2.5 gigabit SFP ports for optical modules, including modules with WDM technology for data transmission over a single optical fiber. The EDR-G9010 supports Secure Boot and boots in less than 30 seconds. The router is capable of operating in a wide temperature range from -40 to 75°C and is certified for use in various industries, including: oil and gas, transportation, railway, marine and electric power management.
With firewall, NAT and VPN functions, the EDR-G9010 router provides basic network security mechanisms, and support for VRRP, RSTP and Turbo Ring protocols allows you to organize network redundancy and ensure the continuity of data transmission. In addition, the EDR-G9010 provides deep packet inspection for Modbus TCP/UDP, DNP3, IEC 60870-5-104 and IEC 61850 MMS protocols, which adds industrial protocol level command filtering and prevents dangerous operations. Optionally, the EDR-G9010 router can add a license for the IDS / IPS intrusion detection and prevention system to the functions above, which allows you to detect abnormal network activity in a timely manner, prevent cyber-attacks and minimize negative consequences.
MXsecurity software is designed for centralized management and monitoring of EDR-G9010 series routers, as well as for mass deployment of security policies, firmware and signature updates. In addition, MXsecurity displays real-time network activity, instantly alerts you to threats, and automatically collects an event log.
A license must be purchased to use MXsecurity software and the IDS/IPS feature.
Available types of licenses are:
- MXsecurity software license for centralized management of routers
- IPS license for a specific router
- IPS license for MXsecurity
To add the IDS/IPS function to the EDR-G9010, you can either buy an IPS license for a specific router, or purchase a license for MXsecurity software + an IPS license for MXsecurity, then you do not need an IPS license for a specific router.
Key features of the EDR-G9010 industrial router:
| Name | Description |
|---|---|
| Ethernet ports |
8x 10/100/1000BaseT(X), RJ45 2x 1000BaseSFP |
| Redundancy protocols | RSTP, STP, Turbo Ring v2 |
| Routing |
Up to 350kpps Up to 4k routing rules Support for VRRP redundancy protocol Support for OSPF, RIPV1/V2, Static Route |
| Security | Secure Boot, IPsec, L2TP (server), RADIUS, Trust access control |
| Time synchronization | NTP Server/Client, SNTP |
| VLAN | Up to 16 VLAN |
| DoS and DDoS protection | Technologies ARP-Flood, FIN Scan, ICMP-Death, NEWWithout-SYN Scan, NMAP-ID Scan, NMAPXmas Scan, Null Scan, SYN/FIN Scan, SYN/RST Scan, SYN-Flood, Xmas Scan |
| Firewall | Filters: DDoS, Ethernet protocols, ICMP, IP, MAC, ports Up to 350kpps |
| Deep packet inspection DPI |
Modbus TCP / UDP DNP3 IEC 60870-5-104 IEC 61850 MMS |
| IPsec VPN |
Up to 250 IPsec VPN tunnels Protocols IPsec, L2TP (server), PPTP (client) |
| NAT | 1-to-1, N-to-1, Port forwarding |
| Power requirements | 12/24/48 V DC |
| Dimensions | 58 x 135 x 105 mm |
| Operational temperature |
EDR-G9010-VPN-2MGSFP: -10…60°C EDR-G9010-VPN2MGSFP-T: -40…75°C |
| Certificates |
EN 55032/35 EN 50121-4 NEMA TS2 IEC 60945, DNV-GL IEEE 1613, IEC 61850-3 Edition 2.0 ATEX, Class I Division 2 IEC 62443-4-2 is in the process of certifying |
| MTBF | 1080807 hours |
