NetWall USG
One-way security gateway for IT and OT
NetWall USG provides real-time access to OT data and enables secure data transfer to the OT environment without compromising the security and integrity of your critical production systems.
NetWall USG provides
- Lossless, unidirectional data communication
- Isolates OT/ICS assets from cyber attacks
- Prevents malicious C&C communications from OT networks
- Segregates and protects networks, devices, CADA, DCS, HMI and PLCs
- Seamless integration with OPSWAT MetaDefender Kiosk and Vault
- Secure transfer of software updates and other files to a protected domain
NetWall USG – Guaranteed delivery of data
No data loss
The mechanism that guarantees data delivery ensures reliable operation and saves valuable bandwidth.
No overruns
An anti-overload mechanism eliminates data overflow, retransmissions and synchronization problems.
Without a return path
A networked serial connection between a pair of NetWall USG servers enforces unidirectional data flow.
Scalable industrial cyber security
OPSWAT NetWall USG consists of two 1U server devices with a non-network serial connection between them
Easy implementation
The pre-configured platform deploys quickly and seamlessly.
High scalability
Choose a bandwidth of 50Mbit, 100Mbit, 1Gbit or 10Gbit – all software can be selected to meet current and future requirements.
Easy to use
Ready to use within minutes after a one-time setup. No auditing or firewall configuration is required.
Full support for industrial protocols
It includes OPC DA, A&E and UA, as well as Modbus/TCP, file transfer and TCP/UDP sockets.
Transparency for users
Fast and faithful data replication means that there is no need to change the work procedures of corporate users.
Ensures regulatory compliance
Ensures compliance with industry cyber security standards:
NERC CIP, NIST CSF, ICS, 800-82, 800-53, IEC 62443
NRC 5.71, CFATS, ISO 27001, 27032, 27103, ANSSI, IIC SF and others.
Protection against industrial attack techniques presented by MITRE ATT&CK for ICS.
Secure file transfer from IT to OT resources
NetWall vs. Firewall, router rules and VLANs
True one-way behavior, with no routable connections to the protected zone.
| Function | OPSWAT NetWall | Other network solutions |
|---|---|---|
|
Routing configuration |
|
|
|
Interruption of protocol, complete removal from TCP/IP connection |
|
|
|
Meets the functional requirements of data diodes |
|
|
|
Guaranteed delivery with non-rejectable data traffic |
|
|
|
No complex rule-building |
|
|
|
Guaranteed prevention of malware propagation |
|
|
|
No ARP, BGP, TCP/IP handshake. |
|
|
NetWall vs. hardware data diodes
Reliable data transfer and replication without compromise.
| Function | OPSWAT NetWall | Data Diodes |
|---|---|---|
|
One-way gate |
|
|
|
Complete interruption of the protocol |
|
|
|
Support all industrial protocols without the need for manufacturer's HW and SW |
|
|
|
Guaranteed data delivery |
|
|
|
Efficient data synchronization and replication |
|
|
|
Improving throughput (reducing the number of transmission repetitions) |
|
|
|
Same hardware for bandwidths from 50 Mbit/s to 10 Gbit/s |
|
|
|
Hardware dongle for administrator access |
|
|
|
Quick and easy implementation |
|
|
|
Cost-effectiveness through competitive subscription options |
Content |
Content |
