Skip to Content
  1. All products
  2. HMS
  3. Anybus Industrial Firewalls
  4. ABD6004-DPIFW
  5. Anybus Industrial Firewalls
Pricelist: Default EUR pricelist Pricelist
Pricelist: Default EUR pricelist Pricelist

ABD6004-DPIFW

Advanced industrial security appliance with Deep Packet Inspection and 4 Gigabit Ethernet ports. The Anybus Defender 6004 with DPI/FW license combines powerful OT network protection with flexible network topology — 1x WAN and 3x individually configurable LAN ports (reconfigurable as 2nd WAN for multi-WAN setups).

Understands industrial protocols like Ethernet/IP CIP and Modbus at the application layer, letting you control exactly which commands and transactions pass through your OT network. Integrated Snort and Suricata IPS enable virtual patching of legacy devices, while auto-learn capabilities minimize manual rule creation. Built-in OT asset discovery identifies every connected device with make, type, firmware version and patch level.

Full VPN support (WireGuard, OpenSSL, IPsec) for secure plant-to-plant connections, RADIUS/LDAP/AD authentication, DHCP server and policy scheduling. Configuration via web GUI with use-case wizards, RESTful API and CLI. Optional central management via the Anybus Cybersecurity Console.

Rugged fan-less IP50 metal enclosure with DIN rail mounting.

Add to cart
Add to wishlist
Price
2,682.00 € 2,682.00 € (Tax excluded)
2,682.00 € (Tax excluded)

Terms and Conditions
Contact Us
How it worksKey use casesTechnical SpecsDocumentation

How it works

1
Install
Mount on DIN rail, connect WAN and up to 3 LAN segments between your IT/OT zones or machine cells
2
Discover
Asset scanner identifies all connected OT devices across all LAN segments with firmware and patch level details
3
Auto-learn
DPI auto-learns your industrial traffic patterns across all ports and suggests firewall rules — minimizing manual configuration
4
Enforce
Enable DPI rules and IPS signatures — only approved protocol transactions get through, legacy devices are virtually patched



Key use cases

Deep Packet InspectionInspect Ethernet/IP CIP and Modbus traffic at the application layer — control exactly which commands pass through
Virtual patchingProtect legacy PLCs and HMIs that can no longer receive updates — Snort and Suricata IPS with customizable signatures
Multi-segment networking4x Gigabit ports — 1 WAN + 3 individually configurable LANs. Reconfigure a LAN as 2nd WAN when needed
OT asset discoveryAutomatically identify every device on your network — make, type, firmware version, patch level and accuracy score
Secure plant-to-plant VPNEncrypted OT connections between facilities using WireGuard, OpenSSL or IPsec tunnels
IEC 62443 complianceImplement security zones and conduits with granular access control per industrial protocol transaction

 

Technical Specs

License typeDPI/FW — Perpetual
Stateful firewallYes — deny by default
NATSimple NAT wizard, 1:1, 1:many
Bridge / transparent modeYes
VLAN supportYes — logical segmentation
Certificate managementYes
Deep Packet InspectionEthernet/IP CIP, Modbus — auto-learn capable
Intrusion Protection (IPS)Snort & Suricata — customizable signatures
Virtual patchingYes — protect unpatched legacy devices
VPNWireGuard, OpenSSL & IPsec
Remote client VPNYes
RADIUS / LDAP / AD authenticationYes
DHCP server & forwardingYes
Rules/policy schedulerYes — by date, time and duration
Asset discovery & inventoryYes — OT/ICS specific, with accuracy score
NotificationsEmail, syslog, Telegram Messenger, Pushover
Central managementOptional — Anybus Cybersecurity Console


WAN1x RJ45 Gigabit Ethernet
LAN3x RJ45 Gigabit Ethernet (individually configurable)
ReconfigurableLAN ports can be reconfigured as 2nd WAN port
VLANSupported — additional logical segments
Total ports4x Gigabit RJ45


Web GUIOn-board web interface with use-case wizards
Rule creationOne-click from firewall logs + floating rules
APIIntegrated RESTful API
CLISSH / Console access
DiagnosticsTraffic diagnostics, debug tools, ARP & bandwidth monitoring


Input voltage24V DC
Current consumption (max)1100 mA
Power consumption (max)26.4W


IP ratingIP50
Housing materialMetal — fan-less
MountingDIN rail (EN 50022)
Dimensions (L x W x H)140.4 x 69.6 x 179.7 mm
Weight1270 g
Operating temperature0°C to +50°C
Humidity0–85% non-condensing


CEYes
RoHSYes (2011/65/EU)
WEEEYes
Country of originUSA


 

Why 6004 over 4002? The Defender 6004 adds 2 extra Gigabit LAN ports (4 total vs 2) for multi-segment OT networks — protect multiple machine cells or zones from a single appliance. LAN ports are individually configurable and can be reconfigured as a 2nd WAN for multi-WAN setups. For simpler two-port deployments, see the Defender 4002. For DPI-less deployments, see the NAT/FW license. For advanced routing, traffic shaping and HA, see the PRO/FW license.


Documentation

anybus-defender-6004-datasheet-20240502.pdf

Anybus Defender Documentation

Build the perfect configuration

Everything you need to complete your setup!

Your Dynamic Snippet will be displayed here... This message is displayed because you did not provide enough options to retrieve its content.