Despite login authentication, our edge connectivity solutions compel users to change default passwords to ensure zero-trust security.
Moxa Secure Edge Connectivity
Ramp Up Device Security at Every Stage
In an interconnected world, any single node in your automation systems can be exploited, thus raising security concerns. Ramping up your device security is the obvious route to go; however, it’s not a one-time undertaking. Security is a journey that requires continuous updates to fend off future cyberthreats. Moxa’s edge connectivity solutions, based on IEC 62443 standards, not only provide you hardening devices with embedded security functions, but also offer an easy-to-use yet secure network management tool, enhancing your device security from initial deployment to daily maintenance.
Embedded Security Functions for Secure Deployment
User Authentication and Authorisation
Device Integrity
To enhance the integrity of edge connectivity devices, our products automatically check the CRC codes before device updates.
Device Least Functionality
A step-by-step hardening guide is available to help users set up our secure edge connectivity products properly and disable unnecessary services to block unwanted access.
Communication Integrity
Supports secure connections and the management of edge devices via TLS 1.2, HTTPS, and SNMPv3. Insecure protocols (e.g., HTTP) are disabled by default.
Network Access Control
Our edge connectivity solutions provide whitelisting functions that give only permitted IP addresses access to the network, thus keeping unauthorized access out.
Securing Your Devices With Efficient Maintenance
Configuration Management
Designed for both OT and IT users, our edge connectivity solutions support the GUI type of MXconfig and the CLI type of MCC tools, making it easy to update your firmware to enhance security, back up device settings, and restore them if compromises have ocurred. Here is a live demo of how our MXconfig and MCC help you easily manage mass device configurations.
Device Management
Our MXview network management tools provide intuitive network topology to help users easily check device status, including the security status of each of Moxa’s edge connectivity products. Moreover, you can monitor user-defined security events and bring violations to the administrator’s attention. Here is a live demo to show how you can use our MXview Security View.
Vulnerability Management
Our edge connectivity solutions provide firmware updates to patch exploited vulnerabilities when discovered. Moxa formed the Cyber Security Respond Team (CSRT) that monitors vulnerability updates and takes the necessary actions as required. Subscribe to our Security Advisory page to receive up-to-date information.
Secure Edge Connectivity Product Portfolio
| Product Category | NPort 5000/5000A Series* Serial Device Servers | NPort 6000 Series Secure Terminal Servers | MGate MB3000/5000 Series** Protocol Gateways | ioThinx 4510 Series Modular Remote I/Os |
|---|---|---|---|---|
| Embedded Security Functions for Secure Deployment | ||||
| User Authentication and Authorization | - Password protection (length, character enforcement) | - Password protection (length, character enforcement) - Authentication servers (RACIUS/TACACS+) - Customized privilege for different user groups | - Password protection (length, character enforcement) | - Password protection (length, character enforcement) |
| Device Least Functionality | - Security Hardening Guide - Unused services can be disabled - Disabled the default setting of the Telnet console | - Security Hardening Guide - Unused services can be disabled - Disabled the default setting of the Telnet console | - Security Hardening Guide (MGate MB3000/5000 Series) - Unused services can be disabled - Disabled the default setting of the Telnet console | - Security Hardening Guide - Unused services can be disabled |
| Communication Integrity | - HTTPS (TLS 1.2 embedded with self-signed certificate) - SNMPv3 | - HTTPS (TLS 1.2 embedded with self-signed certificate, also supports public certificate import) - SSH/SNMPv3 | - HTTPS (TLS 1.2 embedded with self-signed certificate, also supports public certificate import) - SNMPv3 | - HTTPS (TLS 1.2 embedded with self-signed certificate, and can be exported) - SNMPv3 |
| Device Integrity | Checks CRC code before updating the device | |||
| Network Access Control | - Accessible IP List - Access Control List (ACL) |
|||
| Securing Your Devices With Efficient Maintenance | ||||
| Configuration Management | - GUI type of MXconfig - CLI type of MCC tools |
|||
| Device Management | - Syslog (remote or local logging) - Manageable via MXview network management software |
|||
| Vulnerability Management | - Dedicated Cyber Security Response Team (CSRT) to handle vulnerabilities - Perform a Nessus scan |
|||
| * Exclude NPort 5100/5200 Series and NPort IA5000 Series. ** Exclude MGate MB3180. |
||||