Sản phẩm

Cisco ISA3000

Giá bán: Liên hệ

Lượt xem: 154

Chi tiết sản phẩm

Thiết bị mạng Router Firewall Cisco ISA3000

Mã hàng :    ISA3000

Nhà sản xuất :       Cisco

Product overview

The Cisco® Secure Firewall ISA3000 is a true industrial firewall that provides OT-targeted protection based on proven enterprise-class security.

The ISA3000, with four data links, is a DIN rail mount, ruggedized appliance that provides the widest range of access, threat, and application controls for the harshest and most demanding industrial environments.

Cisco ISA 3000 with two copper and two fiber ports (left) or four copper ports (right)

Figure 1.               

Cisco Secure Firewall ISA3000 with two copper and two fiber ports (left) or four copper ports (right)

The ISA3000 bundles the proven security of the Cisco Secure Firewall with the visibility and control of industrial protocols and applications developed by leading automation vendors such as Omron, Rockwell, GE, Schneider, Siemens, and others. The ISA3000 is key as you start converging IT and OT security and capturing the benefits of your industrial digitization efforts.

As a foundational component of your IoT/OT security journey, the ISA3000 is the ideal ruggedized firewall to segment industrial networks, protect OT assets from potential threats, and build compliance with a variety of industrial standards, regulations, and guidelines such as NERC-CIP, ISA99/IEC62443, CFATS, ANSI/AWWA G430, and others.

Certified for deployment in the most demanding industries (power utilities, oil and gas, transportation, mining, manufacturing, water utilities, and more), the ISA3000 is widely used as a DMZ firewall to connect small, distributed industrial sites, enforce segmentation of large internal networks, and manage VPN connections to enable secure management of remote assets and seamless distributed operations.

The ISA3000 protects industrial processes and vulnerable control equipment. It leverages industry-leading threat detection and vulnerability exploit protection rules developed by Cisco Talos®, including thousands of industrial-focused rules. Using OpenAppID and Deep Packet Inspection (DPI) of industrial protocols, it even lets you write your own custom detectors to create alerts and block or allow traffic based on the industrial application flows you most care about. Cisco Advanced Malware Protection (AMP) is also built in to continuously track suspect file propagation.

Managed through either a user-friendly on-box device manager, on-premises centralized management, or a cloud-based management solution, the ISA3000 provides industrial-focused, out-of-the-box configuration and simplified operational management. And because these management tools are the same you already use with Cisco firewalls in your IT domain, it is easy to extend IT security to OT and enforce consistent security policies across domains.

As part of Cisco’s comprehensive security portfolio, the ISA3000 interacts with your existing tools to deliver an integrated IT/OT security workflow. Cisco Cyber Vision provides host attribute information to enable construction of meaningful and contextual security policies. Cisco Identity Services Engine (ISE) can be leveraged to exchange unified policy updates as well as host context information using Security Group Tags (SGTs) for security enforcement. The ISA3000 can also exchange NetFlow information with Cisco Stealthwatch® to provide network-level context information. The ISA3000 provides insights and alerts to Cisco SecureX to streamline event triage and correlation, enabling coordinated, single-click defenses.

With the ISA3000, you can build a secure IoT/OT infrastructure and leverage your existing IT security tools and expertise to help ensure production integrity, continuity, and safety.

Your ruggedized choice for industrial firewall deployments

The Cisco Secure Firewall ISA3000 offers:

     Controlled traffic to, from, and between manufacturing cells or industrial zones

     Secured WAN connectivity for power substations and isolated industrial assets

     Flexible and secure enterprise-class remote access

     Critical network infrastructure services such as IP routing, NAT, DNS, DHCP, and more

     Unequaled threat protection for every level of networking and computing — from the switch, router, OS, and compute infrastructure to industrial control systems

     Wide support for industrial protocols for visibility and control over every level of your applications in both the industrial and enterprise space

     More levels of traffic continuity safety than other offerings in the industrial space

     Common Criteria for IT security certification.