Products
Overview
Assuring Availability, Reliability and Safety
Industrial Defender offers the only suite of integrated security products optimized for industrial control systems environments.
The unique characteristics of these environments (industrial design, unique protocols, low bandwidth networks) preclude many traditional IT enterprise security products from operating safely without impairing operations, and when introduced, can provide significant disruption and downtime to real-time, revenue generating assets.
Utilizing a similar paradigm to the enterprise IT world, our integrated technology suite:
- secures end points against intrusion or illegal entry
- monitors networks and hosts for intrusion and other malicious activity
- provides authentication and access management
- provides visibility, monitoring, alerting, reporting via a security event management console
- provides patching, configuration, asset and license management for industrial systems
Each layer of the solution is built to accommodate and leverage the unique functional, performance and operational needs of real-time process control environments.
Industrial Defender Technology Suite Portfolio
Designed to deploy a Defense-in-Depth strategy, the integrated suite consists of:
UTM / Firewall – deployed as the first line of defense at the edge of the operations network to segment and secure the operations network from the enterprise network. UTM appliances provide cost-effective, comprehensive protection against network, content, and application-level threats without degrading process control network availability and uptime.
Device Interfaces –Device Interfaces (DIs) include Sensors, Collectors, and Protectors. DIs secure critical process control host systems such as DCS workstations, SCADA servers, HMI operator stations, historians, substation routers and many other IP networked systems and devices. DIs provide superior protection while gathering control system data for internal audit and regulatory compliance.
Host Intrusion Prevention System – A whitelisting-based technology that ensures only approved applications can execute on control system workstations and clients. HIPS automatically blocks all unauthorized applications including malware and rogue applications installed by users. HIPS does not impact system performance, a significant advantage over resource-hungry security applications like blacklist-based antivirus.
Network Intrusion Detection System – Provides a control network intrusion detection system that passively monitors all network traffic within the security perimeter, enabling all types of suspicious activity to be detected. Unlike enterprise class NIDS, the Industrial Defender NIDS includes the ability to monitor the de facto protocols used by process control systems such as Modbus TCP, DNP3, ODVA Ethernet/IP, ICCP, etc., and generate alarms that are sent to the Industrial Defender Security Event Manager for logging and diagnosis.
Security Event Manager – Provides monitoring and management of security events occurring in control system and SCADA networks. It acts as the central collection point for security data and alert management of network activity. Supports all control vendor systems, both modern and legacy.
Compliance Manager – Enables companies to effectively meet compliance and auditing requirements without disruption to system availability. The system automates data gathering, normalization, archiving and reporting to support audit requirements. Also integrates and streamlines the compliance process through a single pane of glass across disparate process control environments.
Access Manager – Provides secure access and authentication for remote substations and locations. Enforces authentication, authorization and logging of user activity, thus enabling companies to meet regulatory compliance such as NERC CIP Standards.
Dial-up Gateway – Offers security, reliability and communications cost reduction for remote substations accessible via dial-up.