Verano launches protection appliance for industrial operations
Mansfield, MA—To increase control system security and reliability in industrial applications, Verano Inc. has launched its Industrial Defender Guard appliance that protects control systems and networks against cyber-attacks by integrating security features, including virus protection and intrusion prevention.
Mansfield, MA— To increase control system security and reliability in power generation, electrical, energy distribution, water treatment, waste handling and transportation applications, Verano Inc. has launched its Industrial Defender Guard. The company says Guard is the first perimeter-protection appliance that protects control systems and networks against cyber-attacks by integrating an array of security features, including virus protection and intrusion prevention.
Guard is the second part of Industrial Defender’s solution, which was launched in June 2003. Verano says its new Guard option makes Industrial Defender the only security management system designed to monitor and protect control infrastructure from external and internal hazards.
To alleviate cyber-security threats, users operating mission-critical infrastructures needs to secure their control systems and networks to mitigate risks and avoid critical data losses; revenue-generation interruptions; blackouts; and possibly endangering public safety. Verano reports that traditional enterprise solutions aren’t equipped to secure a specific plant’s control system because they can’t interact with equipment running on industrial control networks.
Consequently, Verano built Industrial Defender on Red Hat, hardened with SELinux extensions developed by the National Security Agency (NSA). The Guard intrusion prevention appliance is fully integrated with Industrial Defender, and is viewable from one operator interface. This means that, for the first time, control system and network security is put in the hands of the control engineer, rather than the IT department.
Guard also includes a patent-pending Dynamic Lock-Down feature, which is tied to security threat levels, such as those determined by the U.S. Department of Homeland Security (DHS). During heightened threat levels, Guard enables rapid lockdown of the plant environment based on pre-configured security rules, which dynamically modify control environment access to protect
In addition, Guard can be added to existing systems at the connection point to the external network, which allows blocking of unauthorized users and malicious content. The appliance’s ASIC-based architecture allows in-line intrusion prevention, network virus scanning, content filtering and VPN gateway functionality to be delivered at wire speed.
'Industrial Defender provides reliable visibility into potential security and availability concerns in the plant environment,' says Al Cooley, Verano’s security director. 'The addition of perimeter defense functionality with the integrated Guard appliance is very valuable to our customers, enabling fortification of critical assets from a wide variety of incoming threats, without the need to deploy and manage multiple solutions.'
Industrial Defender Guard other features include:
ASIC-based firewall, which blocks unauthorized users from plant networks, and provides real-time inspection of web, e-mail and FTP traffic;
Network anti-virus filtering, which protects vulnerable control systems that can’t run desktop anti-virus products;
Built-in intrusion prevention system (IPS) that recognizes and eliminates malicious traffic be-fore it hits critical systems;
VPN support to establish secure, encrypted links to remote users;
Verano Rules Manager with immediate lockdown, which provides rapid, reliable pre-planned responses during heightened-threats periods; and
Full integrations with Industrial Defender, providing monitoring and control from one operator-friendly interface.
Control Engineering Daily News Desk
Jim Montague, news editor