Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Ultra Electronics, 3eTI Expands Security Solutions for Industrial Networks

ATLANTA – 2014 ICS Cyber Security Conference – Ultra Electronics, 3eTI, a maker of cyber-technology solutions designed to secure critical infrastructure and improve operational efficiency, expanded its CyberFence product lineup with new devices that push encryption, port authentication, and firewall technologies onto non-traditional endpoints.

ATLANTA – 2014 ICS Cyber Security Conference – Ultra Electronics, 3eTI, a maker of cyber-technology solutions designed to secure critical infrastructure and improve operational efficiency, expanded its CyberFence product lineup with new devices that push encryption, port authentication, and firewall technologies onto non-traditional endpoints.

Overall, CyberFence is comprised of five products that provide endpoint protection for non-PC systems. The products include DarkNode, EtherGuard, EtherWatch, UltraCrypt, and Criticom ISEC.

Ultra Electronics 3eTI

DarkNode protects industrial control systems networks by fortifying the endpoints, said Alex Tarter, group cyber-security technical lead at Ultra Electronics, 3eTI, told SecurityWeek at the 2014 ICS Cyber Security Conference in Atlanta this week. “The endpoints shouldn’t trust the network, and the network shouldn’t trust the endpoint either,” Tarter said.

DarkNode provides programmable logic controllers and other industrial control systems with essential security defenses instead of forcing the devices to rely on the network for protection.

No IT administrator would ever put the endpoint on the network without installing some security software on it, regardless of what other security defenses are deployed on the network level, said Benga Erinle, president of Ultra Electronics, 3eTI. Windows PCs have a built-in firewall build-in to the operating system. “Yet when PLCs are connected to the network, the network defenses are sufficient,” Erinle said. DarkNode acts as the security software for the PLCs.

DarkNode provides low-latency Layer-2 inline encryption to protect all communications passing through the device. Because the encryption is performed on the hardware level—meeting FIPS 140-2 and Common Criteria certification—there is no performance hit or latency issues, Tarter said. DarkNode also prevents random endpoints from connecting to the network by enforcing port authentication. The endpoint has a digital certificate which the DarkNode device validates before connecting to the network. By the same token, if a device is stolen, the administrator can disable the certificate and block the device when it tries to reconnect.

The built-in firewall in DarkNode also lets administrators specify rules on who can read or write to the PLC. Administrators can create a blacklist defining what activities to block, or a whitelist defining only the allowed actions.

DarkNode also has the same capabilities of EtherWatch, an industrial firewall for SCADA systems protecting ICS and embedded devices, which separates management traffic from the data traffic. Attackers can eavesdrop on communications data, which is encrypted, but not be able to intercept any of the alerts or other management packets. Or the reverse. DarkNode is also invisible on the network, meaning attackers cannot see DarkNote on the communications traffic side, so they have no way of knowing why their attacks are failing, Tarter said.

For the other products in the CyberFence portfolio, UltraCrypt encrypts data for high-capacity dedicated networks such as MPLS and VLANs, while Criticom ISEC is a secure video conferencing switch for communications across different network classifications.

The products offer FIPS 140-2 and Common Criteria certification.

Written By

Click to comment

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...