How to automatically disconnect network?

Is there a device automatically disconnect network or time limit a physical connection to a network?

We are dealing with a production outage of large industrial equipment. Our supplier, with no notice, remotely connected to the process control system and completely botched an update to their system.

I don’t know how others deal with controlling remote access to industrial systems.

The question is, is there a device that will physically disconnect a network connection after a set time? Yes, we could use a Christmas tree light timer hooked up to a switch or something like that but I want something more elegant. Something with two network jacks on it that disconnects the port after a set time.

Someone suggest I should cut a network cable and break the wires out, one to each port of one of (link to company selling counterfeit product removed by moderator)

Then, connect it to an ATtiny - ATtiny85 and program it to go on and off.

Is that a feasible way?

Plan A;-

Prevent unwanted connections with a firewall, firewall could be corp's or cheap Linux base router with firewall support. This is logic connection control. Using Linux' s cron (schedule) service to set up schedule.

Plan B;-

Set up A (scheduled) honey pot. A honey pot is a computer system on the Internet that is expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. (This includes the hacker, cracker, script kiddy, and un-want supplier.) Now your supplier is happy, and so are you.

Any decent business grade router should provide access control from outside connections.

Blackmon:
I don't know how others deal with controlling remote access to industrial systems.

You can start by telling your supplier what is and is not acceptable. Where production is concerned, I think it is vital to let your suppliers know just how much downtime costs you. A penalty clause, making the supplier liable for lost production and wage bills due to down time they inflict without notice, is usually sufficient to focus their attention. Have them sign an NDC while you are at it.

The question is, is there a device that will physically disconnect a network connection after a set time?

In the old days of expensive WANs and unreliable router software, I used to use time switches to physically power down WAN devices outside business hours. These days, I handle it at the gateway router or by authentication. Just about any decent business class router will have a scheduling facility, which can deny access to individual users, remote connections or local devices. Another way to deal with selective access, is by using one time passwords, which immediately expire after a successful authentication.

Someone suggest I should cut a network cable and break the wires out,

Not a great idea. Ethernet uses high frequency transmission, which is highly susceptible to changes in characteristic impedance along the transmission path. In other words, twisted pair Ethernet cable spans are not supposed to be physically cut. Having said that, depending on the cable span and other environmental considerations, operating outside of specifications does not always cause Ethernet to immediately break.

Somewhere in the attic, I have a 10Mb switch which uses a couple of these

to flip Tx and Rx pairs on the uplink port. Whether they would work with Fast or Gig Ethernet, I would not like to say. With the exception of PoE, there is not a great deal of power travelling through an Ethernet cable so with the right isolation, you could probably do something solid state with an Arduino, which was no more or less wrong.

in almost every router i’ve seen, you can prevent all external connections from ever connecting by specifying the times allowed to connect…

but… i suppose you could use a transistors instead of relays…

do not forget OP ask automatically/schedule function.

You have a device, it's your control system! Use a discrete output to energize a relay to power whatever switch or network device connects to the outside world. The vendor would then have to call you or your operator to have the connection turned on. You could also set an automatic timeout to disconnect it.