Achilles Industrial Next Gen Firewall from Wurldtech

  • January 14, 2015
  • Feature

By Bill Lydon, Editor

Wurldtech launched a new firewall product for industrial control (ICS) and SCADA equipment that is designed protect from corruption and damage caused by cyberattacks. I spoke with Wurldtech’s Peter Lunk and Tom Kenneth, both very knowledgeable in networking, about their new Achilles Industrial Next Gen Firewall. Peter Lunk joined Wurldtech in January 2013 and is responsible for the company's sales, marketing, and product management. He has previous network industry experience at Juniper Networks’ $1B security business unit. Tom Kenneth joined Wurldtech in September 2013 and has product management and product marketing responsibilities. Kenneth has more than 15 years in the security and networking industries at Juniper Networks, McAfee, Check Point Software Technologies, and 3Com.

About Wurldtech

Lunk explained that Wurldtech has been focused on the electricity, oil and gas industry. They have 4 of 6 global oil and gas companies as customers. In addition, the company has worked with 9 of the top automation vendors, including Rockwell Automation, Honeywell, Emerson, ABB, GE, and Siemens. The company has three business units: cyber security assessments, Achilles device certification, and Wurldtech cyber products. Product offerings include Achilles Threat Intelligence Software, Achilles Industrial Security Training, and the new Achilles Industrial Next Gen Firewall.

Wurldtech Product and Service Offerings

GE acquired Wurldtech in October 2014. Since the company was acquired, they are focused on selling certification projects and contracts to third party partners. Under these contracts, Wurldtech will perform certifications that take advantage of their processes and procedures. Wurldtech is also shifting to the IEC 63443 standard for future certifications.

Next-Gen Firewall Product

The Achilles Industrial Next Gen Firewall is designed to protect industrial and SCADA systems by providing visibility, monitoring and blocking of malicious activity and attacks.

Network Architecture

The core of their product offering is cyber security hardware appliances. Perimeter protection is secured with 1U rack mount units that have 10 Internet ports, 2 of which are managed. More ports can be added with routers slaved to a perimeter unit. Satellite controls and SCADA are protected using field protection units that are hardened DIN-mount devices with 2 and 4 port models, each with 1 management port.

1u Rack Mount Perimeter Unit & Hardened DIN Mount Field Devices

The Achilles Industrial Next Gen Firewall combines the protection of a firewall, intrusion prevention system (IPS), and application visibility and control (AVC). These offerings leverage Wurldtech’s industrial security expertise and the industry’s leading, available threat intelligence. The system is compatible with industry Security Information and Event Management (SIEM) tools. 

The Next Gen Firewall inspects, secures and tracks industrial protocol traffic by combining the protection of a stateful firewall with intrusion prevention, application visibility, and control. A graphical drag-and-drop user interface is provided to simplify the management of security policy and configuration of protection profiles. Since factory networks are very hard to rewire for proper segmentation, the Next Gen Firewall drag-and-drop interface is also used for creating virtual zoning for segmentation without rewiring. Functions include monitoring traffic on ports, protocol inspection, plus signature matching for known industrial threats. Rules can be defined by users for access control and privileges for reads and writes to and from controllers. Wurldtech has a team that determines messaging patterns for industrial protocols and writes detailed rule sets that mitigate false positives and false negatives.

Holistic View

Lunk explained that the Achilles Industrial Next Gen Firewall is part of Wurldtech’s portfolio of products and services for managing the industrial cyber security lifecycle to assess, protect, and certify critical infrastructure. Assessment discovers anomalies and determines the root cause of vulnerabilities. Achilles Industrial Next Gen Firewall and Achilles Threat Intelligence Software protect networks of unpatched devices against specific industrial vulnerabilities by trapping known bad communication packets. Achilles Communications and Practices Certifications and Professional Services Certifications help ensure that best practices are being followed for device security and development. Lunk described how these offerings require the company to have teams of people that continually stay informed and analyze cyber threats.

Additional information can be found at

Related Articles

Did you enjoy this great article?

Check out our free e-newsletters to read more great articles..