Skip to content
Industrial Networking for Busy Professionals

6.5 OT-Specific Appliances

The previous sections covered general-purpose network appliances: firewalls, IDS/IPS, load balancers, and storage. OT networks require a specialized subset of these — industrial firewalls with deep packet inspection for industrial protocols, and data diodes that enforce one-way data flow at the hardware level.

These products are covered in depth in Part 6, where each Hirschmann security product is documented with real specifications, configuration guidance, and use cases:

19.1 EAGLE One Firewall Layer 2/3 industrial firewall with Classic Firewall Software. Certified for substation (IEC 61850-3), railway (EN 50121-4), and hazardous locations (ATEX Zone 2).
19.2 EAGLE40 Next-Generation Firewall Stateful + Deep Packet Inspection firewall with HiSecOS. IPSec VPN, OSPF, VRRP, and protocol-specific enforcement modules for EtherNet/IP, Modbus, OPC UA, IEC 104, DNP3, and GOOSE.
19.3 Rail Data Diode Hardware-enforced unidirectional data transfer. Physically eliminates the return path — no software misconfiguration can open it.

What Comes Next

Section titled “What Comes Next”

OT-specific security appliances complete the infrastructure picture. The next chapter covers wireless networking — 802.11 standards, channels, encryption, and the challenges of deploying wireless in industrial environments.

References

Section titled “References”
  • Hirschmann. (2024). Belden/Hirschmann Essentials 2024. Belden.