EDR-G902 Series

Introduction
The EDR-G902 is a high-performance, industrial VPN server with a firewall/NAT all-in-one secure router. It is designed for Ethernet-based security applications on critical remote control or monitoring networks, and it provides an Electronic Security Perimeter for the protection of critical cyber assets including pumping stations, DCS, PLC systems on oil rigs, and water treatment systems. The EDR-G902 Series includes the following cybersecurity features:

  • Virtual Private Network (VPN): VPNs are designed to provide users with secure communication links when accessing a private network from the public Internet. They use IPsec (IP Security) server or client mode for encryption and authentication of all IP packets at the network layer to ensure confidentiality and sender authentication.
  • Firewall: Controls network traffic between different trust zones. Network Address Translation (NAT), which shields the internal LAN from unauthorized activity from outside hosts.

 

The EDR-G902’s Quick Automation Profile function supports most common fieldbus protocols, including EtherCAT, EtherNet/IP, FOUNDATION Fieldbus, Modbus TCP, and PROFINET. Users can easily create a secure Ethernet Fieldbus network from a user-friendly web UI with a single click. In addition, Moxa’s PacketGuard technology (Deep Packet Inspection) helps to filter Modbus TCP commands at OSI layer 7. The wide-temperature range models that are available operate reliably in hazardous, -40 to 75°C environments.

EDR-G902 Series

Category:

Features and Benefits

  • Firewall/NAT/VPN/Router all-in-one
  • Secure remote access tunnel with VPN
  • Stateful firewall protects critical assets
  • Inspect industrial protocols with PacketGuard technology
  • Easy network setup with Network Address Translation (NAT)
  • Dual WAN redundant interfaces through public networks
  • Support for VLANs in different interfaces
  • -40 to 75°C operating temperature range (-T model)
  • Security features based on IEC 62443/NERC CIP

Certifications

Download Datasheet

Get Quote

Description

Introduction
The EDR-G902 is a high-performance, industrial VPN server with a firewall/NAT all-in-one secure router. It is designed for Ethernet-based security applications on critical remote control or monitoring networks, and it provides an Electronic Security Perimeter for the protection of critical cyber assets including pumping stations, DCS, PLC systems on oil rigs, and water treatment systems. The EDR-G902 Series includes the following cybersecurity features:

  • Virtual Private Network (VPN): VPNs are designed to provide users with secure communication links when accessing a private network from the public Internet. They use IPsec (IP Security) server or client mode for encryption and authentication of all IP packets at the network layer to ensure confidentiality and sender authentication.
  • Firewall: Controls network traffic between different trust zones. Network Address Translation (NAT), which shields the internal LAN from unauthorized activity from outside hosts.

 

The EDR-G902’s Quick Automation Profile function supports most common fieldbus protocols, including EtherCAT, EtherNet/IP, FOUNDATION Fieldbus, Modbus TCP, and PROFINET. Users can easily create a secure Ethernet Fieldbus network from a user-friendly web UI with a single click. In addition, Moxa’s PacketGuard technology (Deep Packet Inspection) helps to filter Modbus TCP commands at OSI layer 7. The wide-temperature range models that are available operate reliably in hazardous, -40 to 75°C environments.

Specification

10/100BaseT(X) Ports (RJ45 connector) 1
Combo Ports (10/100/1000BaseT(X) or 100/1000BaseSFP+) 1
Standards IEEE 802.1Q for VLAN Tagging
IEEE 802.3 for 10BaseT
IEEE 802.3ab for 1000BaseT(X)
IEEE 802.3u for 100BaseT(X) and 100BaseFX
IEEE 802.3x for flow control
IEEE 802.3z for 1000BaseSX/LX/LHX/ZX

Management Back Pressure Flow Control, DDNS, DHCP Server/Client, HTTP, LLDP, QoS/CoS/ToS, SMTP, SNMPv1/v2c/v3, Telnet, TFTP, QoS, PPPOE, Traffic prioritization
Routing Throughput: 25,000 packets per second (max. 300 Mbps)
Routing Redundancy VRRP
Security HTTPS/SSL, SSH, IPsec, OpenVPN (client and server), UDP and TCP Tunnel mode (routing) and TAP mode (bridge), L2TP (server), RADIUS
Time Management NTP Server/Client, SNTP
Unicast Routing OSPF, RIPV1/V2, Static Route

Max. No. of VLANs 10

Technology ARP-Flood, FIN Scan, ICMP-Death, NEWWithout-SYN Scan, NMAP-ID Scan, NMAP-Xmas Scan, Null Scan, SYN/FIN Scan, SYN/RST Scan, SYN-Flood, Xmas Scan

Deep Packet Inspection Modbus TCP
Modbus UDP
Filter DDoS, Ethernet protocols, ICMP, IP address, MAC address, Ports
Quick Automation Profiles DNP, EtherCAT, EtherNet/IP, FOUNDATION Fieldbus, FTP, HTTP, IEC 60870-104, IPsec, L2TP, LonWorks, Modbus TCP, PPTP, PROFINET, RADIUS, SSH, Telnet
Stateful Inspection Router firewall
Transparent (bridge) firewall
Throughput Max. 25000 packets per second (max. 300 Mbps)

Authentication MD5 and SHA (SHA-256)
RSA (key size: 1024-bit, 2048-bit)
X.509 v3 certificate
Concurrent VPN Tunnels Max. 50 IPsec VPN tunnels
Encryption 3DES, AES-128, AES-192, AES-256, DES
Protocols IPsec, L2TP (server), PPTP (client)
Throughput Max. 60 Mbps (Conditions: AES-256, SHA-256)

Features 1-to-1, N-to-1, Port forwarding

Authentication User password by MD5 and SHA1
Concurrent VPN Tunnels Client Mode: max. 2 external servers
Server Mode: max. 5 external clients
Encryption AES-128/192/256 CBC, Blowfish CBC, DES CBC, DES-EDE3 CBC
Protocols OpenVPN (client and server), UDP, and TCP, Tunnel mode (routing) and TAP mode (bridge)

Event Type Firewall event, System event, VPN event
Media Local storage, SNMP Trap, Syslog server

Console Port RS-232

Connection Removable terminal block
Input Voltage 12/24/48 VDC
Input Current (Max.) 0.45 A @ 24 VDC
Overload Current Protection Supported
Reverse Polarity Protection Supported

Housing Metal
IP Rating IP30
Dimensions 51 x 152 x 131.1 mm (2.01 x 5.98 x 5.16 in)
Weight 1250 g (2.82 lb)
Installation DIN-rail mounting, Wall mounting (with optional kit)

Operating Temperature EDR-G902: 0 to 60°C (32 to 140°F)
EDR-G902-T: -40 to 75°C (-40 to 167°F)
Storage Temperature (package included) -40 to 85°C (-40 to 185°F)
Ambient Relative Humidity 5 to 95% (non-condensing)

EMC EN55032/24
EMI CISPR 32, FCC Part 15B Class A
EMS IEC 61000-4-2 ESD: Contact: 6 kV; Air: 8 kV
IEC 61000-4-3 RS: 80 MHz to 1 GHz: 10 V/m
IEC 61000-4-4 EFT: Power: 4 kV; Signal: 4 kV
IEC 61000-4-5 Surge: Power: 2 kV; Signal: 1 kV
IEC 61000-4-6 CS: 10 V
IEC 61000-4-8 PFMF
Maritime DNV-GL
Safety UL 508
Shock IEC 60068-2-27
Freefall IEC 60068-2-32
Vibration IEC 60068-2-6

Time 981,954 hrs
Standards Telcordia (Bellcore), GB

Warranty Period 5 years
Details See www.moxa.com/warranty

Models

Related products