
Check Point SCADA? Product

I just learned of the entry of Check Point, of firewall fame, into the SCADA security market, well, sort of (hat tip: Matt Franz). It is the all too common move of a vendor taking a standard IT security product, putting it in a slightly ruggedized platform and calling it a control systems security product.

Reliable Security for Industrial Networks
VPN-1 UTM Edge Industrial appliances secure all common IP services with Check Point patented Stateful Inspection and Application Intelligence technologies. More than 150 predefined applications, services, and protocols are also supported out-of-the-box, including instant messaging, multimedia services, peer-to-peer applications, Voice over Internet Protocol (VoIP), and Web applications. The appliances include 802.1x port-based authentication, enabling organizations to control network access to machines based on endpoint security policy compliance and user access privileges.

So what in that section on Reliable Security for Industrial Networks was tailored to industrial networks? I’m not an authority on what environmental specs need to be met, but compare Check Point to RuggedCom:

Check Point

Temperature: 0 to 55C
Humidity: 10 to 95%

RuggedCom

  • Immunity to EMI and heavy electrical surges
    • Meets IEEE 1613 (electric utility substations)
    • Exceeds IEC 61850-3 (electric utility substations)
    • Exceeds IEEE 61800-3 (variable speed drive systems)
    • Exceeds IEC 61000-6-2 (generic industrial)
    • Exceeds NEMA TS-2 (traffic control equipment)
  • Hazardous Location Certification: Class 1 Division 2
  • -40 to +85°C operating temperature (no fans)
  • Conformal coated printed circuit boards (optional)

So which seems to be designed for an industrial environment?

Check Point makes excellent products, but not industrial products. I get a couple of calls a month from a security vendor interested in pursuing the SCADA security market, but most are only interested in it from a marketing standpoint.

Update: Check Point, Symantec, Cisco, Juniper … all make products that can be used for certain purposes in a control system, such as the enterprise/control system perimeter, control center/field perimeter, or to create a server zone in the control center. They can help the community by providing white papers and other information on how their enterprise security products can be used in control systems. My complaint is when they try to sell them as some special SCADA model when they have added little or no SCADA intelligence.

Comments

Comment from Paul F
Time: March 21, 2007, 6:23 pm

What, would you say, needs to really be included in such a device, to make it useful in industrial/SCADA environments?

TIA
PF
