Industrial control systems have nowadays become large networks that can be accessed remotely, making them increasingly vulnerable to sophisticated security breaches.
The main purpose of the intrusion detection system (IDS) is to identify factors that are trying to disrupt the industrial network.
Standard intrusion detection systems include: network-based (NIDS) and host-based (HIDS) IDS. Our NIDS allows systems to be installed without affecting the control environment.
The device operates passively, monitoring all traffic in surveyed sections.
It performs real-time traffic analysis and packet logging, protocol analysis, and content matching for prohibited application commands and default passwords.
Moreover, it detects new unauthorized systems on the network. It reveals variations/tests based on the following signatures:
- OS fingerprinting – identifying the end-client operating system using unique fingerprints
- Stealth port scans – scanning for open port vulnerabilities
- Automatic signature updates
- Detects Modbus TCP, DNP3, ICCP and other SCADA/control system signatures
- Has the ability to detect the use of default passwords and commands of interest (reset, shutdown, etc.)
Our HIDS monitors performance and security events in the host system. It knows the normal operating patterns of your system and alerts on any anomaly. In addition, it allows the use of a whitelist for applications.
Meeting Regulatory Requirements
Network Separation Products
Network Separation Applications
Cyber Security Services
Want to see our Solution in Action?
Yehadut Canada 3, Or Yehuda, Israel