Security without downtime: Network segmentation

Hayley Everett
Microwall Bridge on DIN rail. Image via W&T.

Network segmentation is usually difficult to implement in expanding structures, where everything from large CNC machining centres through various terminal devices to the smallest embedded devices, such as sensors, actuators or switches, is connected into a complex overall system.

Since traditional segmentation is accomplished using routers at the IP level, it almost always requires cumbersome reconfiguration of the basic IP parameters of all the components involved. Even if the required access data are available at all, there is still an extremely high risk of errors. The resulting troubleshooting inevitably leads to a production standstill.

To prevent such stoppages, and to protect components whose access parameters have been lost, microcomputer manufacturer Wiesemann & Theis (W&T) has developed the Microwall Bridge, described as a quasi plug-and-play solution in two steps. First, the devices or function groups to be protected are combined on the physical level using Ethernet switches. The uplink to the surrounding main network remains intact during this phase, so the only dropout occurs while the network cable is actually being plugged in. Then, the Microwall Bridge is switched into the uplink to the main network. The web interface is used to enable the required communication connections between the main and isolated networks, while the IP setup of the relevant devices remains untouched.

Thanks to its minimal integration effort, the IP-transparent security enhancement not only minimises the otherwise common dropout risk but also offers a simple emergency fallback in case a device fails. The Microwall Bridge is designed to protect vulnerable systems from malware and undesired access, including machines or older systems, such as services with known security gaps. Whitelist-based filter rules ensure that only explicitly enabled communication takes place.

The Microwall Bridge is available from Wiesemann & Theis for €398, with commercial customers able to test the technology for four weeks at no charge. 
