Introducing partner products offering a variety of solutions for customers along with the FA-M3.
You can also use the I/O open mechanism to develop customized original modules.
Partner products
Partner products offer a variety of solutions for customers along with the FA-M3.
It consists of products of all genres, whether software or hardware.
You can also develop original modules (see the Original Module Development page).
Security equipment
Next-generation industrial IPS : EdgeIPSTM by TrendMicro Incorporated
EdgeIPS is a transparent IPS for industries that installs in-line before critical assets such as HMIs and PLCs to prevent vulnerabilities and unauthorized access without changing the NW architecture of existing installations, thereby helping to stabilize production lines.
Next-generation industrial IPS for large-scale networks: EdgeIPSTM Pro by TrendMicro Incorporated
EdgeIPS Pro is an industrial IPS for large-scale networks that supports stable operation of production lines by preventing vulnerabilities and unauthorized access. By installing in-line under core switches, critical assets such as distributed networks or multiple HMI and PLC units can be secured without changing the NW architecture of existing installations.
Next-generation industrial firewall: EdgeFireTM by TrendMicro Incorporated
EdgeFire is a next-generation industrial firewall that helps stabilize new production lines and reduce security risks when connecting vulnerable groups of equipment to new networks by separating networks by production line and countering vulnerabilities.
Centralized Security Management Console: OT Defense ConsoleTM by TrendMicro Incorporated
OT Defense Console is an integrated management and monitoring tool for information such as: the number of connected industrial control devices protected by EdgeIPS, EdgeIPS Pro, and EdgeFire; the device and manufacturer names; IP addresses; OS versions; and usage protocols for the devices.
Disclaimer
The company does not warrant the accuracy, completeness, fairness, appropriateness, accessibility, or availability of the partner's product information listed on this website. For updates, please consult with the partners listed.
Details
Next-generation industrial IPS: EdgeIPSTM (TrendMicro Incorporated)
EdgeIPS is a transparent IPS for industries that installs in-line before critical assets such as HMIs and PLCs to prevent vulnerabilities and unauthorized access without changing the NW architecture of existing installations, thereby helping to stabilize production lines.
To the product page
(To the Trend Micro website)
*OT Defense Console (a separate product for centralized management) is required for managing EdgeIPS and remote distribution of IPS filters (signatures), etc.
Features
Protecting and visualizing critical assets
- Protect critical assets with FW, IPS, protocol filters, DoS prevention, and more
- Priority support for industrial protocols used in the Japanese market
- Provides high-precision industrial IPS filters utilizing ZDI knowledge
- Visualize asset information and used protocol information
Easy operation
- Transparent IPS enables deployment without changing the NW architecture of existing installations
- Compact size, easy to install in control boards
- Fast recovery with Zero-Configuration (planned)
- Per-unit management with CLI/Web Console
- Centralized management and monitoring with OT Defense Console (ODC)
- Operations and management in a closed environment (planned)
- Visualize network configuration (planned)
Highly reliabile hardware
- Fanless design
- Supports redundant input power
- Operating temperature range: -40 to +75 ℃
- 5-year hardware warranty
- Certified for various technical conformities (planned)
- Self-death monitoring and automatic recovery (planned)
- Hardware bypass
Main functions
Item | EdgeIPS |
---|---|
Policy Enforcement(Firewall) | Control communications by IP address and port number. |
DoS Prevention | Detect and block DoS attacks such as TCP SYN Flood and ICMP Flood. |
IPS |
Detect and block vulnerability attacks such as on OS and industrial applications. Leverage vulnerability information gathered by the Zero Day Initiative (ZDI)—a vulnerability discovery community of more than 3,000 researchers from about 80 countries around the world—to quickly provide high-precision IPS filters. |
Protocol Filter |
Detect and block unauthorized access and manipulation by controlling communications based on commands in industrial protocols. |
Visualize assets |
By inspecting packets passing through EdgeIPS, you can visualize information on existing assets under control and protocols used, making it easy to ascertain the status of assets. |
Switch between Detection and Block mode |
You can switch the various security functions flexibly between operating modes to simplify verification during initial deployment. |
CLI/Web Console |
Perform configuration via command line or web console. |
Zero-Configuration(planned) |
Save configuration in advance to USB storage for quick recovery when replacing faulty hardware. |
Centralized management |
By using OT Defense Console (ODC, sold separately), you can control and monitor managed EdgeIPS in an integrated manner to further improve interoperability. |
* Since OT Defense Console is required when activating EdgeIPS, you must purchase it when you deploy EdgeIPS.
Deployment
Transparent for enhanced security without changing the network settings of existing equipment
|
Next-generation industrial IPS for large-scale networks: EdgeIPSTM Pro (TrendMicro Incorporated)
EdgeIPS Pro is an industrial IPS for large-scale networks that supports stable operation of production lines by preventing vulnerabilities and unauthorized access. By installing in-line controlled by core switches, critical assets such as distributed networks or multiple HMI and PLC units can be secured without changing the NW architecture of existing installations.
To the product page
(To the Trend Micro website)
Features
Protecting and visualizing critical assets
- Protect critical assets with FW, IPS, protocol filters, DoS prevention, and more
- Provides high-precision industrial IPS filters utilizing ZDI knowledge
- Visualize asset information and used protocol information
Easy operation
- Centralized management and monitoring with OT Defense Console (ODC)
- Manage individually on the web console
- Transparent IPS enables deployment without changing the NW architecture of existing installations
- Fast recovery with Zero-Configuration (planned)
High performance/high scalability/high availability
- Throughput 1048: 10 Gbps/2096: 20 Gbps
- Expandable IO modules (12 pairs) (1048: 2 Slots/2096: 4 Slots)
- Supports redundant input power
- Self-death monitoring and automatic recovery (planned)
- Hardware bypass (1048: 24 Pairs/2096: 48 pairs)
- Redundant architecture
Main functions
Item | EdgeIPS Pro |
---|---|
Policy Enforcement (Firewall) | Control communications by IP address and port number. |
DoS Prevention | Detect and block DoS attacks such as TCP SYN Flood and ICMP Flood. |
IPS |
Detect and block vulnerability attacks such as on OS and industrial applications. Leverage vulnerability information gathered by the Zero Day Initiative (ZDI)—a vulnerability discovery community of more than 3,000 researchers from about 80 countries around the world—to quickly provide high-precision IPS filters. |
Protocol Filter |
Detect and block unauthorized access and manipulation by controlling communications based on commands in industrial protocols. |
Visualize assets |
By inspecting packets passing through EdgeIPS Pro, you can visualize information on existing assets under control and protocols used, making it easy to ascertain the status of assets. |
Switch HW bypass | Enable (fail-open) or disable (fail-close) HW bypass for each port pair. |
Switch between Detection and Block mode |
You can switch between operating modes of security functions to simplify verification during initial deployment. |
Web Console |
Perform configuration via command line or web console. |
Centralized management |
By using OT Defense Console (ODC, sold separately), you can control and monitor managed EdgeIPS Pro in an integrated manner to further improve interoperability. |
*Since OT Defense Console is required when activating EdgeIPS Pro, you must purchase it when you deploy EdgeIPS Pro.
Deployment
Transparent for enhanced security without changing the network settings of existing equipment Example:
|
Next-generation industrial firewall: EdgeFireTM (TrendMicro Incorporated)
EdgeFire is an industrial security appliance that separates networks and counters vulnerability attacks on individual production lines by stabilizing new production lines and reducing security risks when connecting vulnerable groups of equipment to new networks.
To the product page
(To the Trend Micro website)
* OT Defense Console for centralized management (sold separately) is required to manage EdgeFireTM and remotely distribute IPS filters (signatures).
*EdgeFireTM power supply and power cable must be provided separately. The power cable terminals require ferrule processing.
Features
Building safer NW segments
- FW, NAT, protocol filters, VLAN, VPN(planned), and more
- Provides high-precision industrial IPS filters utilizing ZDI knowledge
- Visualize information on assets and protocols used
Easy operation
- Front wiring
- Manage individually on the web console
- Centralized management and monitoring with OT Defense Console (ODC)
- Fast recovery with Zero-Configuration (planned)
- Operations and management in a closed environment (planned)
- Visualize network configuration (planned)
Highly reliabile hardware
- Fanless design
- Supports redundant input power
- Operating temperature range: -40 to +75 ℃
- 5-year hardware warranty
- HA Configuration (planned)
Main function
Item | EdgeFire |
---|---|
Policy Enforcement (Firewall) | Control communications by IP address and port number. |
NAT | Static/Dynamic NAT, address changes with static NAPT. |
VLAN | Network isolation with Port VLAN and Tag VLAN. |
DoS Prevention | Detect and block DoS attacks such as TCP SYN Flood and ICMP Flood. |
IPS |
Detect and block vulnerability attacks such as on OS and industrial applications. Leverage vulnerability information gathered by the Zero Day Initiative (ZDI)—a vulnerability discovery community of more than 3,000 researchers from about 80 countries around the world—to quickly provide high-precision IPS filters. |
Protocol Filter |
Detect and block unauthorized access and manipulation by controlling communications based on commands in industrial protocols. |
Visualize assets |
By inspecting packets passing through EdgeFire, you can visualize information on existing assets under control and protocols used, making it easy to ascertain the status of assets. |
Switch between Detection and Block mode |
You can switch the various security functions flexibly between operating modes to simplify verification during initial deployment. |
CLI/Web Console |
Perform configuration via command line or web console. |
Zero-Configuration(Planned) |
Save configuration in advance to USB storage for quick recovery when replacing faulty hardware |
Centralized management |
By using OT Defense Console (ODC, sold separately), you can control and monitor managed EdgeFire in an integrated manner to further improve interoperability. |
* Since OT Defense Console is required when activating EdgeFire, you must purchase it when you deploy EdgeFire.
Deployment
Limit access (network isolation via FW/NAT, etc.)
- Making the historian in production line A accessible only from certain servers in the DMZ reduces the risk from unauthorized communications between other equipment in production line A and external NW, as well as the risk from worm infections and other attacks targeting other services in the historian.
Prevent vulnerability attacks from within the accessible range
(Prevent vulnerability attacks and worm infections with IPS)
- If a specific server in the DMZ that allowed communication with Historian in production line A is attacked, even if the vulnerability attack targets Historian through that server, IPS blocks the attack.
- Even if EWS infects production line A with a worm such as DOWNAD via a USB memory or WannaCry via a portable terminal, it prevents the worm from spreading beyond the network of production line A.
Prevent illegal operation from within the accessibile range
(Prevent illegal operation with protocol filters)
- In an environment where the VLAN is disconnected from LAN1 (to which the historian, HMI, and EWS are connected) and LAN2 (to which control equipment such as a PLC is connected) in production line A, and only communication between the HMI and PLC is permitted, it is only possible to read parameters from the HMI to the PLC. Other operations are prohibited (such as parameter settings and program overwriting), thus preventing illegal operations.
- Parameter settings (write) and reading (read) from the MES are possible when the PLC in production line A is connected to the MES (Manufacturing Execution System) present in the upstream NW, but program rewrite (config) is prohibited to prevent unauthorized operations.
* Since there are restrictions on east-west IPS and protocol filters, use EdgeIPS when aiming to prevent horizontal infection.
Centralized security management console: OT Defence ConsoleTM (TrendMicro Incorporated)
OT Defense Console is an integrated management and monitoring tool for information such as: the number of connected industrial control devices protected by EdgeIPS, EdgeIPS Pro, and EdgeFire; the device and manufacturer names; IP addresses; OS versions; and usage protocols for the devices.
To the product page
(To the Trend Micro website)
Features
Centralized management makes operations more efficient
- Install at each plant for centralized management of EdgeIPS, EdgeFire, and other devices
- Manage and apply multiple policies via group settings
- Distribute IPS filters (signature files) to each device
Visualize security events and more
- Aggregate detected and blocked security events
- Visualize asset information collected by managed devices
- View total traffic by IT/OT protocol and application traffic for each asset in real time
External server connection via syslog transmission
- Automatically send syslog to installed syslog servers
Main functions
Item |
OT Defence Console |
---|---|
Dashboard | Displays security events detected by all devices registered with ODC, traffic information by IT/OT, and other information to help you understand the situation in the factory. |
Visualize networks | Displays the equipment information detected by all devices registered with ODC. Displays the status of network traffic, including information such as model names for each facility, application protocols, and control protocols, and contributes to understanding assets in the factory. |
Manage groups | Devices registered with ODC can be configured in groups, with different security settings for each installation location and factory. |
Manage signatures and firmware | Download signature files and firmware from an update server on the Internet to the ODC, and manually upload to the ODC. Control delivery of signature files to devices in groups. |
Manage logs |
Aggregate logs sent from devices. Identify the scope of impact when a security event occurs. |
Manage accounts |
You can configure multiple function-specific permissions for users who need access to the ODC. |
Looking for more information on our people, technology and solutions?
Contact Us