Cyber Security
provides the basis for trustworthy remote access and data acquisition via the Internet.
It is important to arm yourself against attacks on IT equipment (such as botnets, DDOS attacks, viruses, malware, worms, etc.) as well as against special attacks on industrial systems (such as Stuxnet, Citadel, Energetic Bear/Havex, Miancha, BlackEnergy, Irongate, PLC Blaster, etc.).
An end-to-end security concept and permanent monitoring and further development are the key.
Multi-layered security strategy
We offer you the best defense-in-depth approach for your remote access solution. Using ISO 27002, IEC 62443-2-4 and NIST Cyber Security Framework 1.0 guidelines, we have developed a controlled, hybrid and multi-layered security architecture to protect your devices, your network and, above all, your industrial control systems.
LAYER 1: EWON ROUTER
WAN/LAN network isolation, local device authentication and a physical switch to enable/disable VPN remote access.
LAYER 2: FIREWALL
A comprehensive firewall that covers IP addresses, ports and protocol filtering. You can also restrict access for individual users, user groups and the location of individual or multiple devices.
LAYER 3: ENCRYPTED DATA TRAFFIC
All VPN sessions are end-to-end encrypted with OpenVPN and SSL/TLS protocols.
LAYER 4: USER AND ACCESS MANAGEMENT
Unique user IDs, configurable user rights for different devices, two-factor authentication and complete connection audits ensure outstanding traceability.
LAYER 5: NETWORK INFRASTRUCTURE
We work with globally redundant hosting partners. They help us to monitor the network infrastructure around the clock and provide complete transparency regarding the status of our servers and services.
LAYER 6: COMPLIANCE
The Ewon router and Talk2m solution complements and is compatible with existing corporate security policies, firewall rules and proxy server settings.
IT certified
By striking a balance between security and ease of use, Ewon develops world-class remote maintenance solutions aimed at both users and IT managers.
Key benefits for factory IT adoption
- Firewall-friendly: Since no inbound connections to the devices are required, there is no need to change firewall settings, routing policies, open ports or add exceptions. Little or no IT involvement is required. Ewon routers initiate a VPN tunnel to our industrial cloud VPN servers. These use outbound connections via the factory LAN and the ports that are usually enabled (HTTPS port 443 or UDP port 1194).
- Key switch: Thanks to a key switch or HMI button for digital inputs on the Ewon router, the end user can fully control whether remote access is possible or not.
- Connection history: Our solutions provide traceability. Account administrators can see in a connection report which users have connected via which devices, at which location and at what time. This report can be a valuable tool to ensure that the corporate policies of your remote access solutions are being followed.
- Multi-factor authentication: In addition to the username and password, you can add a second level of security. This requires a key to be sent via SMS that changes each time you log in.
Security audits and certification by independent partners
NVISO is an independent professional services company focused exclusively on information and cyber security. From its headquarters in Brussels, NVISO started in 2013 with its mission to protect organizations in critical industries from security incidents. With a proven track record of providing cybersecurity services to financial services organizations (including all major banks in Belgium), NVISO continued to expand in Europe, opening offices in Frankfurt and Munich.
NVISO invests 10% of its annual revenue in research and development. In addition, all NVISO employees have NATO SECRET clearance, enabling a dedicated team to provide security consulting as well as security assessments of products, applications and infrastructures. NVISO has created and currently teaches several SANS courses on cybersecurity assessments (SEC599, SEC699, SEC560 and SEC577). They are also co-founders of the OWASP Security Verification Standard and the Mobile Application Security Verification Standards and are taking a leading position in the development of the IoT Security Verification Standard.
Security news
Cyber security
HMS goes to great lengths to develop secure and robust solutions and protecting your data is always our top priority. You can find up-to-date security advisories and report vulnerabilities or incidents on our security pages.
Security Advisories:
Whitepaper: Securing your industrial connectivity: a safe path to Industry 4.0
Securing your industrial connectivity: a safe path to Industry 4.0
This white paper explains how the Ewon solution works and how it meets your requirements for highly secure industrial connectivity. A help for a secure path to Industry 4.0.
Securing your industrial connectivity: a safe path to Industry 4.0
Sicherung Ihrer industriellen Konnektivität: ein sicherer Weg zu Industrie 4.0
Download (1.92 MB) 
Best practices for secure use of the Ewon solution
Take advantage of the Ewon solution in a very secure and efficient way
Download (813 KB) 
Best practices for a secure usage of the Ewon solution
Take advantage of the Ewon solution in a very secure and efficient way
Download (776 KB) 
For further questions about cyber security:
If you have any questions about cyber security, please contact: ewonsecurity(at)hms-networks.com
Always up-to-date and important information on updates and cyber security topics
... promptly, at first hand! further information
to top
Contact
Request form