- March 05, 2018
WoMaster held Cyber Security training for its partners to demonstrate how they can provide a complete protection of IIoT network according to ISASecure - IEC 62443-4-2 from currently existing threats
March 5, 2018 - Over the last decade, addressing and resolving the growing threat for closed industrial IoT networks to be accessed and influenced over the public Internet has become the main priority for industrial automation and system control integrators. In February 2018, WoMaster held Cyber Security training for its partners to demonstrate how they can provide a complete protection of IIoT network according to ISASecure - IEC 62443-4-2 from currently existing threats on the following levels:
Level 1 – accidental unauthenticated access
Level 2 – the most common attack experienced by system integrators
Level 3/4 - intentional access by hackers who utilize specific skills and tools
Anyone can watch the recorded videos from the IIoT Cyber Security training here:
1) Part 1: https://www.youtube.com/watch?v=GdpnIJjdbXk
The training covers such Cyber Security features as:
- SW & HW(ASIC) integrated protection mechanism, which applies the latest Application-Specific Integrated Circuit (ASIC) secure technology (L2-L7 packet classification), multi-level authentication, secure data transmission, encrypted key data, complete event logs/traps, operational errors prevention, and event logs, and operational errors exceeds IEC62443-4-2 Level 2 requirements to build most secure systems for industrial applications.
- Advanced Port Based Security IEEE802.1 x MAB (MAC Authentication Bypass) enables port-based access control by bypassing the MAC address authentication process to TACACS+/Radius Server.
- Using a central authentication center such as TACACS+/Radius, multi-level user passwords allows secure access and simplifies account administration especially in large-scale networks.
- DHCP snooping acts like a firewall between untrusted hosts and trusted DHCP servers.
- Support SFTP (Secure File Transfer Protocol using SSH encryption) for firmware upgrade.
- IP source guard provides source IP address filtering on a Layer 2 port to prevent a malicious host from impersonating a legitimate host by assuming the legitimate host's IP address.
- Dynamic ARP inspection (DAI) validates the ARP packets in a network. DAI intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from some man-in-the-middle attacks.
- IPv4/v6 Access Control List (ACL): Packet filtering limits network traffic and restrict network use by certain users or devices.
- Prevention of malicious attacks from a single person (DoS) as well as groups of people (DDoS).
WoMaster Group is an international group with over 20 years of industrial market experience. WoMaster product range includes Industrial Networking and Computing products.Learn More
Did you enjoy this great article?
Check out our free e-newsletters to read more great articles..Subscribe