- November 16, 2018
November 16, 2018 - Siemens has extended the Scalance SC-600 Industrial Security Appliances to include more functionality for protection of production networks. The devices now have a Bridge Firewall, support redundant network structures, and allow user-specific firewalls.
The Bridge Firewall allows devices to be used in flat networks. Furthermore, Layer 3 and Layer 2 data can now be filtered. This enables users to securely access automation components in Profinet cells for maintenance purposes, for example. Industrial Security Appliances can be used with the Service Bridge (a correspondingly configured Industrial Ethernet switch from the Scalance XC-200 product line) as well as with other applications.
The devices can also be integrated into redundant network infrastructures. Supporting two redundancy protocols for Layer 2 and Layer 3 eliminates the need for additional switches on the security transitions. The Media Redundancy Protocol (MRP) enables the SC-600 to be integrated on the Layer 2 level as Profinet devices in the Profinet ring redundancy without needing an additional managed Industrial Ethernet switch. In the event of a ring break, all network components in the ring switch to the redundant path within 200 ms and thus avoid a production stoppage in the event of a fault. Furthermore, the support of the Virtual Router Redundancy Protocol (VRRP) allows redundancy on Layer 3. This enables users to group the Scalance SC-600 together with other routers in the network in one logical group. If the router defined as the master fails, another router in the logical group takes over the function of the default router.
The third innovation is support for user-specific firewalls. Specific firewall rules allow not only device-specific but also user-specific filtering of the data. This enables users to assign differing rights.
Support of all device versions in the Sinec NMS network management software allows the complete, uniform configuration of all the Scalance network components on a management platform. Use of the digital input together with the signaling contact allows, for example, the activation and deactivation of the VPN tunnel via the management platform for remote networks, Sinema Remote Connect.