Attacks/Breaches
2/5/2014
12:28 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Belden Assists Schneider Electric To Secure Critical Industrial Automation Systems

Adds EtherNet/IP Deep Packet Inspection (DPI) to its ConneXium Tofino Firewall

St. Louis, Missouri – January 28, 2014 – Belden Inc. (NYSE: BDC), a global leader in signal transmission solutions for mission-critical applications, announces that Schneider Electric has expanded its ConneXium network and security offer with the addition of EtherNet/IP Deep Packet Inspection (DPI) to the ConneXium Tofino Firewall. The addition of DPI for the popular EtherNet/IP protocol allows Schneider Electric's customers to further harden their industrial control systems against network incidents and cyberattacks. It also allows easier enforcement of company policies for network and device access. The result is improved operational security, reliability and performance.

"Cyberattacks on manufacturing and process control facilities are increasing. They are also becoming more sophisticated. Enhanced security, along with the tangible business benefits of enforcing corporate security and compliance policies are a must," said Ken Mikelinich, product manager for industrial security devices at Schneider Electric. "The extension of the ConneXium Tofino Firewall to include superior protection of EtherNet/IP communications is another important way we are helping customers mitigate risk and support plant policy using security devices."

The ConneXium Tofino Firewall inspects and secures network traffic to and from Schneider Electric automation devices, providing protection from traffic storms, malformed messages and deliberate hacking attempts. In addition, the technology can be used to enforce plant procedure. For example, it can be used to block inappropriate modification or programming of critical devices and controllers, preventing costly mistakes and improving overall network uptime and reliability.

"We are pleased to be expanding our relationship with Schneider Electric with this additional product, and providing their customers with an easy-to-deploy, industrial grade firewall that works seamlessly with their systems," remarked Frank Williams, senior product manager for security at Belden.

The central functionality of the ConneXium Tofino Firewall is a security appliance/firewall that inspects each network message that passes through it, ensuring that only the right network messages from the right computers can be sent to critical controllers. Hacking attempts, deliberately corrupted messages and even network traffic storms are effectively prevented.

Deploying and configuring the product is made easy for engineers who are not generally security experts through the use of Tofino Security's patented Plug-n-Protect technologies. This includes expert technology that looks for common mistakes in firewall programming and corrects them with a single mouse click. Specific Schneider Electric product know-how is also built in, with pre-configured firewall templates for their major automation products.

Advanced protection is provided through DPI technology. Traditional IT firewalls examine TCP/IP headers in network messages and then make decisions whether to allow or block a message based on this limited information. DPI technology allows the firewall to dig deep into the SCADA and ICS protocols that sit on top of TCP/IP. The firewall then determines exactly what the protocol is being used for and makes better decisions on what should be allowed or blocked.

The 2012 release of the ConneXium Tofino Firewall included DPI for the Modbus TCP protocol. This year, the capability has been expanded to include DPI for the EtherNet/IP protocol. This includes special functionality for EtherNet/IP communications:

• Support for all Common Industrial Protocol (CIP) objects and services with pre-configured Graphical User Interface (GUI) elements according to ODVA specifications.

• Validity checking of both CIP and EtherNet/IP message headers to prevent common hacking techniques, such as buffer overflow attacks.

• An "advanced" option, which allows engineers to select specifically allowed services and objects for a firewall rule from a pre-configured drop down list.

"The ConneXium Tofino Firewall is unique in that it makes an easy to deploy security technology even easier by including smarts about Schneider Electric products," commented Eric Byres, chief technology officer at Belden's Tofino Security. "It then combines this ease-of-use with advanced firewall features that are specific to industrial needs. The result is a pragmatic and robust security solution for the plant floor."

The ConneXium Tofino Firewall with EtherNet/IP protection is the latest offering in the Schneider Electric ConneXium family of industrial communications and security products. In 2012, the ConneXium Industrial Firewall was released, providing boundary protection and encryption for industrial facilities. The ConneXium Tofino Firewall was also introduced that year, providing plant floor protection of automation systems from network incidents and cyberattacks.

Availability

The ConneXium Tofino Firewall is available for order now from Schneider Electric.

Model# TCSEFEA23F3F21

Description: ConneXium Tofino Firewall - 10/100BASE TX/TX

An early innovator in industrial Ethernet, Belden knows Industrial IT and is delivering the next generation of industrial networking solutions. Its global brands--Hirschmann, GarrettCom and Tofino Security--are leading the way in the evolution to EtherNet/IP. With a purpose-built portfolio, Belden's wired, wireless and embedded products deliver the highest confidence of reliability, availability and security. In addition, excellent warranties and dedicated customer support minimize downtime, protect critical infrastructure and provide peace of mind.

About Belden

Belden Inc., a global leader in high-quality, end-to-end signal transmission solutions, delivers a comprehensive product portfolio designed to meet the mission-critical network infrastructure needs of industrial, enterprise and broadcast markets. With innovative solutions targeted at reliable and secure transmission of rapidly growing amounts of data, audio and video needed for today's applications, Belden is at the center of the global transformation to a connected world. Founded in 1902, the company is headquartered in St. Louis and has manufacturing capabilities in North and South America, Europe and Asia. For more information, visit us at www.belden.com; follow us on Twitter @BeldenInc.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-0460
Published: 2014-04-16
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map.

CVE-2011-0993
Published: 2014-04-16
SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors.

CVE-2011-3180
Published: 2014-04-16
kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.

CVE-2011-4089
Published: 2014-04-16
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

CVE-2011-4192
Published: 2014-04-16
kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."

Best of the Web