Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Ultra Electronics, 3eTI Expands Security Solutions for Industrial Networks

ATLANTA – 2014 ICS Cyber Security Conference – Ultra Electronics, 3eTI, a maker of cyber-technology solutions designed to secure critical infrastructure and improve operational efficiency, expanded its CyberFence product lineup with new devices that push encryption, port authentication, and firewall technologies onto non-traditional endpoints.

ATLANTA – 2014 ICS Cyber Security Conference – Ultra Electronics, 3eTI, a maker of cyber-technology solutions designed to secure critical infrastructure and improve operational efficiency, expanded its CyberFence product lineup with new devices that push encryption, port authentication, and firewall technologies onto non-traditional endpoints.

Overall, CyberFence is comprised of five products that provide endpoint protection for non-PC systems. The products include DarkNode, EtherGuard, EtherWatch, UltraCrypt, and Criticom ISEC.

Ultra Electronics 3eTI

DarkNode protects industrial control systems networks by fortifying the endpoints, said Alex Tarter, group cyber-security technical lead at Ultra Electronics, 3eTI, told SecurityWeek at the 2014 ICS Cyber Security Conference in Atlanta this week. “The endpoints shouldn’t trust the network, and the network shouldn’t trust the endpoint either,” Tarter said.

DarkNode provides programmable logic controllers and other industrial control systems with essential security defenses instead of forcing the devices to rely on the network for protection.

No IT administrator would ever put the endpoint on the network without installing some security software on it, regardless of what other security defenses are deployed on the network level, said Benga Erinle, president of Ultra Electronics, 3eTI. Windows PCs have a built-in firewall build-in to the operating system. “Yet when PLCs are connected to the network, the network defenses are sufficient,” Erinle said. DarkNode acts as the security software for the PLCs.

DarkNode provides low-latency Layer-2 inline encryption to protect all communications passing through the device. Because the encryption is performed on the hardware level—meeting FIPS 140-2 and Common Criteria certification—there is no performance hit or latency issues, Tarter said. DarkNode also prevents random endpoints from connecting to the network by enforcing port authentication. The endpoint has a digital certificate which the DarkNode device validates before connecting to the network. By the same token, if a device is stolen, the administrator can disable the certificate and block the device when it tries to reconnect.

The built-in firewall in DarkNode also lets administrators specify rules on who can read or write to the PLC. Administrators can create a blacklist defining what activities to block, or a whitelist defining only the allowed actions.

DarkNode also has the same capabilities of EtherWatch, an industrial firewall for SCADA systems protecting ICS and embedded devices, which separates management traffic from the data traffic. Attackers can eavesdrop on communications data, which is encrypted, but not be able to intercept any of the alerts or other management packets. Or the reverse. DarkNode is also invisible on the network, meaning attackers cannot see DarkNote on the communications traffic side, so they have no way of knowing why their attacks are failing, Tarter said.

Advertisement. Scroll to continue reading.

For the other products in the CyberFence portfolio, UltraCrypt encrypts data for high-capacity dedicated networks such as MPLS and VLANs, while Criticom ISEC is a secure video conferencing switch for communications across different network classifications.

The products offer FIPS 140-2 and Common Criteria certification.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet