Archive for 'Firewall / Perimeter'
Waterfall and One Way Security
A small number of vendors are promoting unidirectional network security devices, most notably Waterfall Security Solutions from Israel. [FD: Waterfall has advertised on digitalbond.com] To their credit Waterfall has doggedly pursued the control system security space and has some good content on using their product in control systems. And based on the number of questions [...]
Author: Dale Peterson
Posted: September 1st, 2010 under Firewall / Perimeter, SCADA Architecture.
Comments: none
Stuxnet Panel Afterthoughts
I hope you had a chance to listen in to the Industrial Defender sponsored webinar on Tuesday. If not click on this link to hear Patrick Miller, Eric Byres, Andrew Ginter, Mark Zanotti and myself opine on the subject.
I think the webinar had a great overview on Stuxnet from Patrick Miller and some additional detail [...]
Author: Dale Peterson
Posted: July 29th, 2010 under Anti-Virus, Calculating Risk, Firewall / Perimeter, Vulnerability Disclosure.
Comments: 3
Tofino OPC Firewall in Triconex Module
Byres Security and Invensys have announced a Tofino Firewall module for the Triconex Safety System. It looks an industrial device and has similar environmental specs, -40 to 70C, Class I Div 2 and Zone 2 approved. What is new about this product is OPC application intelligence.
The data sheet has most of the information, but if [...]
Author: Dale Peterson
Posted: May 6th, 2010 under Field Communication, Firewall / Perimeter.
Comments: 2
Win7/2008R2 Firewall Part 3
Last week, I discussed the updates to the active profiles and port ranges within rules features. Today, I wanted to talk about a couple encryption and authorization features. Specifically, the ability to dynamically create encryption tunnels and manage the users/computers that can and cannot communicate to the firewalled network service.
The dynamic encryption feature [...]
Author: Marco Cajina
Posted: March 15th, 2010 under Firewall / Perimeter, Microsoft.
Comments: none
Win7/2008 Firewall Part 1
Recently, I was onsite at a vendor’s office as part of the Bandolier project and ran into a situation where the Win2k3 firewall was not enabled or configured. After the onsite visit and a little Firewall enabling, I started to think about how much the Windows Firewall has changed since WinXP/Win2k3. Specifically, I [...]
Author: Marco Cajina
Posted: March 9th, 2010 under Firewall / Perimeter, Microsoft.
Comments: none
External Connections
When stories about Internet based attacks on control systems, like the 60 Minutes story, appear on sites like Slashdot, most people question the need to attach the control network to another network. In my previous position at a National Laboratory, I have seen proper network segregation implemented successfully, though at times it can be a [...]
Author: Charles Perine
Posted: November 12th, 2009 under Authentication, Big Picture, Firewall / Perimeter, Remote Access, SCADA Architecture.
Comments: 5
S4 Paper Online – Analysis of One-Way and Deep Inspection Technologies in Control Systems
First – Don’t forget to get your abstracts in to present a paper at S4 2010 in January in beautiful Miami Beach. The deadline for submission is Sept 15th, and we have some papers already accepted so don’t miss your chance.
This weeks online paper from past S4 events is from Ludovic Piètre-Cambacédès and Pascal Sitbon [...]
Author: Dale Peterson
Posted: August 27th, 2009 under Firewall / Perimeter, S4.
Comments: 1
Malware, Viruses, and Attackers hopping networks
Many of us in the Control System community feel pretty secure in the belief that our critical networks are not directly connected to the internet, and as such are insulated from attack. Apparently (and as oft has been stated) this is not sufficient protection, if the control systems communicates with a network that does have [...]
Author: Kevin Lackey
Posted: April 24th, 2009 under Firewall / Perimeter, SCADA Architecture.
Comments: 2
Conficker beFUDdlement
I’ll start off by saying don’t believe all the FUD that’s been going around, we all know how many members of the media area when they get hold of a story, especially one that can have a date in the future to speculate on.
That said, there are definitely some interesting things going on with the [...]
Author: Daniel Peck
Posted: April 1st, 2009 under Anti-Virus, Authentication, Firewall / Perimeter, Security Tools.
Comments: 5
No Budget Security Ideas: Part 1
I’ve talked to a few people recently who have control system security responsibility but are on a very tight or non-existent budget. Some things, like the network taps that we discussed recently, do have significant cost but there are many basic security steps that can be taken with little or no capital expense. We’ll identify [...]
Author: Jason Holcomb
Posted: February 11th, 2009 under Firewall / Perimeter, Security Tools.
Comments: 2