Around August 2018, the largest manufacturing company of semiconductors and processors in Taiwan was forced to shut down its production facilities due to a widespread computer virus. The chip manufacturer reported that some of its fabrication systems were infected by the derivative version of “WannaCry” virus, a ransomware attack which devastated many enterprises and institutions in 2017.
Although this giant semiconductor manufacturer has been known for its strict IT security procedures, the vulnerability was found in the Operating Technology (OT) domain, which is actually the most valuable sector of chip making companies as it contains million dollars worth of assets and facilities. Therefore, OT must be well-protected as it is the department that generates production and output.
A leading industrial cyber security company from EMEA and Lanner co-developed a set of network monitoring and management solution to bridge the gap between IT and OT. The joint solution must manage, monitor and control the systems deployed in SCADA, PLC and ICS (industrial control systems) environments to prevent cyber threats from accessing and tampering these valuable assets. Therefore, this industrial cyber security gateway shall include the following functionality:
IEC/IEEE Compliance for harsh environment
Critical infrastructures are mostly situated in remote, unmanned harsh environments with possible electrical surges or other uncertainties. Thus, the demanded solution shall be compliant with IEC61850-3 and IEEE1613 to ensure reliability.
DPI (Deep Packet Inspection) is a mandatory element for ICS security. The mechanism not only inspects the packets throughout the traffic, but also extracts useful information (data and metadata) for monitoring the OT networks.
The cyber intelligence topology may deal with high workload of surveillance and DPI. Therefore, the required solution shall be built with high-performance and low power processors.
Rich and Flexible LAN Configuration
For industrial firewall, LAN configuration and bandwidth are critical. Therefore, it is ideal to have rich and flexible LAN configurations, like multiple GbE RJ45 I/Os for management ports and SFP LAN ports.
LAN Bypass Mechanism
LAN bypass is a necessary fault-tolerant mechanism especially for systems deployed in unmanned, harsh environment. In fact, the demanded solutions shall be integrated with the latest LAN bypass technology to ensure stability in network traffic.
The network infrastructure linking IT and OT domains can be complicated, and thus it would be ideal for the solution to provide NIC module expansion to enhance the bandwidth and other related functions.
Wide Operating Temperature
Extreme ambient temperature may occur in critical infrastructures. Thus, the required solution must support wide range of operating temperature from -40°C to 75°C.
ESD/Surge Protection & Magnetic Isolation Protection
Since uncertainty may occur with the power and magnetic in unmanned critical infrastructures, the demanded gateway must be equipped with ESD/surge protection, as well as 1.5KV magnetic isolation protection to minimize potential interruptions.
The programmable LED provides operators with intuitive system status messages. It comes with a range of default messages, but can be programmed by on-site engineers so that specific messages can be configured.
Lanner cooperated with the leading industrial cyber security company from EMEA to co-develop a network monitoring solutions that provide visibility, integrity and security for industrial control systems.
Lanner’s LEC-6041, is designed to protect the communication in both IT and OT domains. LEC-6041 Series is empowered by Intel Atom x7-E3950 or x5-E3930 for low power consumption and high processing performance. As a rugged firewall deployed in challenging environments, LEC-6041 is compliant with IEC 61850-3 and IEEE 1613 certification, and made with 1.5 KV magnetic isolation protections for LAN port and 15KV ESD Protection for I/O ports. The system can operate in a wide range of operating temperature from -40°C to 75°C. All of the hardware designs of the security gateway LEC-6041 assure minimized possibility of downtime while operating in hazardous surroundings such as OT sectors.
For cyber intelligence center and IT data center, Lanner’s NCA-5220, a 1U rack mountable network appliance empowered by Intel® Xeon® E3-2100 processor and Intel® C246 chipset (codenamed Coffee Lake). NCA-5220 comes with generous and flexible configurations for LAN ports, NIC expansion, storage and management, delivering advanced networking prowess for network traffic security, cloud computing and data centers. NCA-5220 provides 2x NIC module slots for expansion and supports up to 64GB of DDR4 2666MHz system memory in either ECC or non-ECC UDIMM. For storage, there are 2x 2.5" HDD/SSD bays available. Lastly, NCA-5220 is equipped with 4 x system fan (3x default & 1x reserved) and 300W 1+1 ATX redundant PSUs for IT data center environment.