Cisco ISA-3000-4C-FTD hardware firewall 2 Gbit/s

The ISA3000 bundles the proven security of the Cisco Secure Firewall with the visibility and control of industrial protocols and applications developed by leading automation vendors such as Omron, Rockwell, GE, Schneider, Siemens, and others. The ISA3000 is key as you start converging IT and OT security and capturing the benefits of your industrial digitization efforts.

As a foundational component of your IoT/OT security journey, the ISA3000 is the ideal ruggedized firewall to segment industrial networks, protect OT assets from potential threats, and build compliance with a variety of industrial standards, regulations, and guidelines such as NERC-CIP, ISA99/IEC62443, CFATS, ANSI/AWWA G430, and others.

Certified for deployment in the most demanding industries (power utilities, oil and gas, transportation, mining, manufacturing, water utilities, and more), the ISA3000 is widely used as a DMZ firewall to connect small, distributed industrial sites, enforce segmentation of large internal networks, and manage VPN connections to enable secure management of remote assets and seamless distributed operations.

The ISA3000 protects industrial processes and vulnerable control equipment. It leverages industry-leading threat detection and vulnerability exploit protection rules developed by Cisco Talos®, including thousands of industrial-focused rules. Using OpenAppID and Deep Packet Inspection (DPI) of industrial protocols, it even lets you write your own custom detectors to create alerts and block or allow traffic based on the industrial application flows you most care about. Cisco Advanced Malware Protection (AMP) is also built in to continuously track suspect file propagation.

Managed through either a user-friendly on-box device manager, on-premises centralized management, or a cloud-based management solution, the ISA3000 provides industrial-focused, out-of-the-box configuration and simplified operational management. And because these management tools are the same you already use with Cisco firewalls in your IT domain, it is easy to extend IT security to OT and enforce consistent security policies across domains.

As part of Cisco’s comprehensive security portfolio, the ISA3000 interacts with your existing tools to deliver an integrated IT/OT security workflow. Cisco Cyber Vision provides host attribute information to enable construction of meaningful and contextual security policies. Cisco Identity Services Engine (ISE) can be leveraged to exchange unified policy updates as well as host context information using Security Group Tags (SGTs) for security enforcement. The ISA3000 can also exchange NetFlow information with Cisco Stealthwatch® to provide network-level context information. The ISA3000 provides insights and alerts to Cisco SecureX™ to streamline event triage and correlation, enabling coordinated, single-click defenses.

With the ISA3000, you can build a secure IoT/OT infrastructure and leverage your existing IT security tools and expertise to help ensure production integrity, continuity, and safety.