Preferred field of application:

The subsequent and low-effort segmentation of historically grown, flat network hierarchies.

Disadvantages:

• No saving of IP addresses of the higher-level network possible.
• Inventoryability of shared island participants via ARP from the surrounding network.

Router: Microwall VPN and Microwall IO

Both the Microwall VPN and the Microwall IO work as classic routers from an infrastructure point of view. This means that they connect two different networks from an IP point of view. Traffic between these networks is controlled or secured through an internal microwall firewall with explicit sharing rules.

Preferred field of application:

New installations of systems by manufacturers/integrators/operators. Here, for example, the same IP setup can be used as a factory setting for all devices/systems in series production. For the operator, the effort for integration on his network is limited to the configuration of the microwall.

• With functions such as Static NAT, the island network can be completely hidden from the surrounding network at all protocol levels (Ethernet, IP).
• Multiple islands with the same IP address range can be integrated into the surrounding network.
• Simple configuration of the sharing rules based on IP addresses and TCP/UDP port numbers via the web interface of the microwall.

• A subsequent isolation of participants requires the change of their IP configuration (IP address, subnet mask, gateway). Especially with several island participants, the effort can be high due to different configuration paths/tools and the conversion of the communicating applications.
• A possible emergency fallback to a direct connection to the surrounding network is associated with the same effort.