First and Only Cyber Security Solution for DNP3

August 17, 2015
Winner of the 2014 ISA's Excellence in Technical Innovation award, Ultra Electronics, 3eTI’s CyberFence industrial firewall solution delivers robust encryption and application-level deep packet inspection (DPI) capabilities. Recently 3eTI added DNP3 (distributed network protocol) support for its CyberFence product line.

Organizations such as the DNP User’s Group and ICS-CERT have been aware of numerous vulnerabilities specific to DNP3, some with the potential to damage equipment and impede operations. After collaborating with security, 3eTI created the first and only protocol-aware DNP3 packet inspection solution available today. CyberFence mitigates the issues and complexities involved in implementing a fully secure and robust DNP3 solution. The new capability dynamically inspects and validates all DNP3 communications, adding previously unavailable security to counter vulnerable pathways in the SCADA systems used by most water and electric utilities.

Industrial networks facilitate the free flow of messages that could allow poison packets to be sent with potentially disastrous effect. The use of DNP3 Secure Authentication doesn’t protect all payloads or those from a compromised device, making validated protocol-aware packet inspection essential. Unlike other security systems that perform incomplete or simplistic signature-based matching, CyberFence comprehensively parses the DNP3 protocol, including DNP3 Secure Authentication messages, to detect any malformed, unauthorized, or malicious messages.

More than a traffic encryption device, CyberFence also provides protections such as port authentication, access control, and application-level packet inspection. Unlike competing products designed for general enterprise applications, CyberFence is specifically designed to provide strong cryptographic defense-in-depth protection for IP-connected PLC (Programmable Logic Controller) devices.

Generic firewall devices only filter industrial protocols based on TCP or UDP ports. Many viruses and cyber-attacks use the same open ports as the industrial protocols to penetrate a network. The application-level DPI in CyberFence offers additional layers of protection to isolate contamination originating from one PC and prevent it from affecting the industrial control functions.