Belden, Schneider Electric pair on cybersecurity firewall
The system allows easier enforcement of company policies for network and device access. The result is improved operational security, reliability and performance.
The addition of deep packet inspection (DPI) for the popular EtherNet/IP protocol allows Schneider Electric’s customers to further harden their industrial control systems against network incidents and cyberattacks.
It also allows easier enforcement of company policies for network and device access. The result is improved operational security, reliability and performance.
The ConneXium Tofino Firewall inspects and secures network traffic to and from Schneider Electric automation devices, providing protection from traffic storms, malformed messages and deliberate hacking attempts. In addition, the technology can be used to enforce plant procedure. For example, it can be used to block inappropriate modification or programming of critical devices and controllers, preventing costly mistakes and improving overall network uptime and reliability.
At its core, the ConneXium Tofino Firewall is a security appliance that inspects each network message that passes through it, ensuring that only the right network messages from the right computers can be sent to critical controllers. Hacking attempts, deliberately corrupted messages and even network traffic storms are effectively prevented.
Tofino Security’s patented Plug-n-Protect technologies make the product easy to deploy and configure for engineers who are generally not security experts. This includes expert technology that looks for common mistakes in firewall programming and corrects them with a single mouse click. Specific Schneider Electric product know-how is also built in, with pre-configured firewall templates for the company's major automation products.
Advanced protection is provided through DPI technology. Traditional IT firewalls examine the TCP/IP headers in network messages and decide whether to allow or block a message based on this limited information. DPI technology allows the firewall to dig deep into the SCADA and ICS protocols that sit on top of TCP/IP. The firewall then determines exactly what the protocol is being used for and makes better decisions on what should be allowed or blocked.
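The difference between a header-only decision and a DPI decision can be shown on EtherNet/IP itself. The sketch below is an added illustration, not code from the ConneXium Tofino Firewall or from either vendor; the field layout and service codes come from the public EtherNet/IP and CIP specifications, and the read-only policy and all function names are assumptions made for the example.

```python
import struct

# Constants from the public EtherNet/IP / CIP specs (not from the article).
ENIP_PORT = 44818                 # EtherNet/IP explicit messaging over TCP
SEND_RR_DATA = 0x006F             # encapsulation command carrying a CIP request
UNCONNECTED_DATA_ITEM = 0x00B2    # item that holds the CIP message
READ_ONLY = {0x01, 0x0E}          # hypothetical policy: Get_Attributes_All, Get_Attribute_Single

def header_only_verdict(dst_port):
    # A traditional firewall sees only the TCP/IP header: the port is all it can check.
    return "allow" if dst_port == ENIP_PORT else "block"

def cip_service(payload):
    """Return the CIP service code of a SendRRData message, or None if malformed."""
    if len(payload) < 24:
        return None
    command, length = struct.unpack_from("<HH", payload, 0)
    if command != SEND_RR_DATA or length != len(payload) - 24:
        return None               # wrong command or inconsistent length field
    body = payload[24:]
    if len(body) < 8:
        return None
    item_count = struct.unpack_from("<H", body, 6)[0]
    off = 8                       # skip interface handle, timeout, item count
    for _ in range(item_count):
        if off + 4 > len(body):
            return None
        type_id, item_len = struct.unpack_from("<HH", body, off)
        off += 4
        if off + item_len > len(body):
            return None
        if type_id == UNCONNECTED_DATA_ITEM:
            return body[off] if item_len >= 1 else None
        off += item_len
    return None

def dpi_verdict(dst_port, payload):
    # DPI looks inside the protocol: only well-formed read services pass.
    if dst_port != ENIP_PORT:
        return "block"
    return "allow" if cip_service(payload) in READ_ONLY else "block"

def build_request(service):
    """Constructed sample: SendRRData wrapping one CIP request (class 1, instance 1, attribute 1)."""
    cip = bytes([service, 0x03, 0x20, 0x01, 0x24, 0x01, 0x30, 0x01])
    items = struct.pack("<HHHH", 0x0000, 0, UNCONNECTED_DATA_ITEM, len(cip)) + cip
    body = struct.pack("<IHH", 0, 0, 2) + items
    return struct.pack("<HHII8sI", SEND_RR_DATA, len(body), 0x11223344, 0, b"\0" * 8, 0) + body
```

A read (`0x0E`) and a write (`0x10`, Set_Attribute_Single) to the same port are indistinguishable to `header_only_verdict`, while `dpi_verdict` allows the first and blocks the second, along with any truncated or inconsistent message.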