On November 14, ODVA announced a significant enhancement for automation engineers using its CIP Security cybersecurity network extension for EtherNet/IP protocol, partner publication Control reported.
The new addition is a device-based firewall designed for enhanced intrusion deterrence. Similar to the IP Tables program in Linux, this firewall provides users with a straightforward traffic filter. Enabled through a new CIP Security device-based firewall profile, users have the flexibility to enable or disable this feature according to their preferences.
The profile specifically allows communication from known IP addresses using standard EtherNet/IP, adding an extra layer of security. The mechanism filters traffic based on IP address, port and protocol, using the Ingress Egress Object, creating an allow list of known IP addresses and allowing configuration of cipher suites and routing rules.
Learn more about this new development and more in the full article from Control.