Appendix E: Firewall Rules Example - Microhard Systems BulletPlus Operating Manual

Appendix E: Firewall Example (Page 1 of 2)
By completing the Quick Start process, a user should have been able to log in and set up the BulletPlus to
work with their cellular carrier. By completing this, the modem is ready to be used to access the internet
and provide mobile connectivity. However, one of the main applications of the BulletPlus is to access
connected devices remotely. Security plays an important role in M2M deployments as in most cases the
modem is publically available on the internet. Limiting access to the BulletPlus is paramount for a secure
deployment. The firewall features of the BulletPlus allow a user to limit access to the BulletPlus and the
devices connected to it by the following means
Consider the following example. An BulletPlus is deployed at a remote site to collect data from an end
device such as a PLC or RTU connected to the serial DATA port (Port 20001). It is required that only a
specific host (Host A) have access to the deployed BulletPlus and attached device, including the remote
management features.
Step 1
Log into the BulletPlus (Refer to Quick Start). Navigate to the Firewall > General tab as shown below and block all
Carrier traffic by setting the Carrier Request to Block, and disable Carrier Remote Management. Be sure to Apply the
settings. At this point it should be impossible to access the BulletPlus from the Cellular Connection.
© Microhard Systems Inc.
- Customizable Rules
- MAC and/or IP List
- ACL (Access Control List) or Blacklist using the above tools.
Host B:
84.53.23.12
Host A:
184.71.46.126
Host C:
186.41.57.101
BulletPlus
Cell IP: 74.198.186.193
Local Device on TCP Port
20001
Firewall
219