Blog
Recent Posts
Cybersecurity Firewall PortBloque S Protects Modbus Devices From Harmful And Unwanted Traffic
Posted by
onSequi, a developer of cybersecurity products for industrial control networks, announced the availability of PortBloque S, a serial-to-serial firewall that protects Modbus devices from harmful and unwanted traffic. PortBloque S is the first in a series of planned firewalls aimed at addressing the inherent vulnerabilities of the Modbus protocol. Advanced deep packet inspection (DPI) technology is used on Modbus traffic to ensure that control systems receive only the commands required for normal operations and not commands that could lead to harmful consequences.
PortBloque S enables users to control traffic to the RTU in a granular fashion. Firewall rules can be customized to permit specific Modbus function codes (standard and non-standard), device IDs, registers, and values. Typical applications are filtering inbound radio communications or controlling the data stream on an extended RS-485 link.
PortBloque S has two RS232/485/422 ports, one 10/100BaseT Ethernet port, a management port, and supports RTU and ASCII modes of Modbus. Configuration is intuitive and browser-based. Statistics for firewall and system activity are syslog generated and dashboard-viewable.
Firewall Rules
- Modbus deep packet inspection (DPI):
- Device ID: multiple devices or groups of devices
- Function code: 1-8, 11,12, 15-17, 20-24, 43, and four user-defined codes
- Registers
- Values
- Bidirectional filtering
Serial Protocols
- Modbus RTU
- Modbus ASCII
Interfaces
- Host/Slave: 10-pin terminal block
- Slave:DB9 male (RS-232/422/485 software selectable)
- Host: DB9 female (RS-232/422/485 software selectable)
- Mgmt DB9 female (RS-232)
- LAN: RJ45 Ethernet (10/100BaseT)
Serial Signals
- RS-232: TxD, RxD, RTS, CTS, DTR, DSR, DCD
- RS-485 2-wire: Data+, Data-
- RS-422 4-wire: Tx+, Tx-, Rx+, Rx-
=> Download/view the Sequi PortBloque S data sheet (PDF)...
Modbus is a serial communications protocol originally published by Modicon (now Schneider Electric) in 1979 for use with its programmable logic controllers (PLCs).
Simple and robust, it has since become a de facto standard communication protocol, and it is now a commonly available means of connecting industrial electronic devices. The main reasons for the use of Modbus in the industrial environment are:
- Developed with industrial applications in mind
- Openly published and royalty-free
- Easy to deploy and maintain
- Moves raw bits or words without placing many restrictions on vendors
The everyman's guide to Modbus let's you discover how a protocol born in the 1970's still remains relevant today. A practical guide to everything Modbus.