12:28 PM
Dark Reading
Dark Reading
Products and Releases

Belden Assists Schneider Electric To Secure Critical Industrial Automation Systems

Adds EtherNet/IP Deep Packet Inspection (DPI) to its ConneXium Tofino Firewall

St. Louis, Missouri – January 28, 2014 – Belden Inc. (NYSE: BDC), a global leader in signal transmission solutions for mission-critical applications, announces that Schneider Electric has expanded its ConneXium network and security offer with the addition of EtherNet/IP Deep Packet Inspection (DPI) to the ConneXium Tofino Firewall. The addition of DPI for the popular EtherNet/IP protocol allows Schneider Electric's customers to further harden their industrial control systems against network incidents and cyberattacks. It also allows easier enforcement of company policies for network and device access. The result is improved operational security, reliability and performance.

"Cyberattacks on manufacturing and process control facilities are increasing. They are also becoming more sophisticated. Enhanced security, along with the tangible business benefits of enforcing corporate security and compliance policies are a must," said Ken Mikelinich, product manager for industrial security devices at Schneider Electric. "The extension of the ConneXium Tofino Firewall to include superior protection of EtherNet/IP communications is another important way we are helping customers mitigate risk and support plant policy using security devices."

The ConneXium Tofino Firewall inspects and secures network traffic to and from Schneider Electric automation devices, providing protection from traffic storms, malformed messages and deliberate hacking attempts. In addition, the technology can be used to enforce plant procedure. For example, it can be used to block inappropriate modification or programming of critical devices and controllers, preventing costly mistakes and improving overall network uptime and reliability.

"We are pleased to be expanding our relationship with Schneider Electric with this additional product, and providing their customers with an easy-to-deploy, industrial grade firewall that works seamlessly with their systems," remarked Frank Williams, senior product manager for security at Belden.

The central functionality of the ConneXium Tofino Firewall is a security appliance/firewall that inspects each network message that passes through it, ensuring that only the right network messages from the right computers can be sent to critical controllers. Hacking attempts, deliberately corrupted messages and even network traffic storms are effectively prevented.

Deploying and configuring the product is made easy for engineers who are not generally security experts through the use of Tofino Security's patented Plug-n-Protect technologies. This includes expert technology that looks for common mistakes in firewall programming and corrects them with a single mouse click. Specific Schneider Electric product know-how is also built in, with pre-configured firewall templates for their major automation products.

Advanced protection is provided through DPI technology. Traditional IT firewalls examine TCP/IP headers in network messages and then make decisions whether to allow or block a message based on this limited information. DPI technology allows the firewall to dig deep into the SCADA and ICS protocols that sit on top of TCP/IP. The firewall then determines exactly what the protocol is being used for and makes better decisions on what should be allowed or blocked.

The 2012 release of the ConneXium Tofino Firewall included DPI for the Modbus TCP protocol. This year, the capability has been expanded to include DPI for the EtherNet/IP protocol. This includes special functionality for EtherNet/IP communications:

• Support for all Common Industrial Protocol (CIP) objects and services with pre-configured Graphical User Interface (GUI) elements according to ODVA specifications.

• Validity checking of both CIP and EtherNet/IP message headers to prevent common hacking techniques, such as buffer overflow attacks.

• An "advanced" option, which allows engineers to select specifically allowed services and objects for a firewall rule from a pre-configured drop down list.

"The ConneXium Tofino Firewall is unique in that it makes an easy to deploy security technology even easier by including smarts about Schneider Electric products," commented Eric Byres, chief technology officer at Belden's Tofino Security. "It then combines this ease-of-use with advanced firewall features that are specific to industrial needs. The result is a pragmatic and robust security solution for the plant floor."

The ConneXium Tofino Firewall with EtherNet/IP protection is the latest offering in the Schneider Electric ConneXium family of industrial communications and security products. In 2012, the ConneXium Industrial Firewall was released, providing boundary protection and encryption for industrial facilities. The ConneXium Tofino Firewall was also introduced that year, providing plant floor protection of automation systems from network incidents and cyberattacks.


The ConneXium Tofino Firewall is available for order now from Schneider Electric.

Model# TCSEFEA23F3F21

Description: ConneXium Tofino Firewall - 10/100BASE TX/TX

An early innovator in industrial Ethernet, Belden knows Industrial IT and is delivering the next generation of industrial networking solutions. Its global brands--Hirschmann, GarrettCom and Tofino Security--are leading the way in the evolution to EtherNet/IP. With a purpose-built portfolio, Belden's wired, wireless and embedded products deliver the highest confidence of reliability, availability and security. In addition, excellent warranties and dedicated customer support minimize downtime, protect critical infrastructure and provide peace of mind.

About Belden

Belden Inc., a global leader in high-quality, end-to-end signal transmission solutions, delivers a comprehensive product portfolio designed to meet the mission-critical network infrastructure needs of industrial, enterprise and broadcast markets. With innovative solutions targeted at reliable and secure transmission of rapidly growing amounts of data, audio and video needed for today's applications, Belden is at the center of the global transformation to a connected world. Founded in 1902, the company is headquartered in St. Louis and has manufacturing capabilities in North and South America, Europe and Asia. For more information, visit us at; follow us on Twitter @BeldenInc.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-01-28
Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used in IBM Social Media A...

Published: 2015-01-28
Buffer overflow in the Data Transfer Program in IBM i Access 5770-XE1 5R4, 6.1, and 7.1 on Windows allows local users to gain privileges via unspecified vectors.

Published: 2015-01-28
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Published: 2015-01-28
Double free vulnerability in Adobe Flash Player before and 14.x through 16.x before on Windows and OS X and before on Linux allows attackers to execute arbitrary code via unspecified vectors.

Published: 2015-01-28
The XML parser in Cisco Prime Service Catalog before 10.1 allows remote authenticated users to read arbitrary files or cause a denial of service (CPU and memory consumption) via an external entity declaration in conjunction with an entity reference, as demonstrated by reading private keys, related t...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
If youíre a security professional, youíve probably been asked many questions about the December attack on Sony. On Jan. 21 at 1pm eastern, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it.