Enabling Multi-layer Cyber Security for Critical Infrastructure
The risk of cyber threats in the Industrial control systems (ICS) and SCADA systems has escalated in a historical pace as critical infrastructures, like power substation, oil and gas refinery, water treatment, and smart factory are connected by mainstream network protocols. However, the malicious attacks, namely Stuxnet worms, WannaCry ransomware, have evolved to penetrate into ICS networks from multiple paths on the interconnected networks. Therefore, there is an urgent need for more comprehensive, multi-layer network security solutions to protect both the IT and OT (Operating Technologies) networks in critical infrastructures
Multi-layer OT+IT Security
In a common digitalized setting for critical infrastructures, OT controls and manages Industrial Zone (Layer 0~3) like instrumentation bus, controller LAN and supervisory HMI and SCADA systems, whereas the IT monitors and authenticates Enterprise Zone (Layer 4~5) like web server, email server, FTP server and enterprise servers. In a more advanced model, an Industrial DMZ Zone (Layer 3.5) is established as an additional layer of protection towards externally interfaced services
IIoT Security Use Case
OT+IT Network Security Appliance
-
OT Security Gateway
LEC-6041
- Wide Temperature ICS Cyber Security Box PC
- IEC 61850-3 and IEEE 1613 Compliance
- Intel® Atom™ x7-E3950 or x5-E3930 CPU
- 5 x GbE LAN with 1 pair bypass, 2 x GbE SFP
-
Industrial DMZ Security Gateway
LEC-2512
- Intel® Atom™ C3000 CPU (8 ~16 Cores)
- 5x GbE RJ45, 4x 10G SFP+ (By SKU), 2x Pairs of Gen3 Bypass (By SKU)
- 300W Redundant PSUs & 2x Cooling Fans
- 4x 288-pin DIMM DDR4 2400MHz ECC or Non-ECC UDIMM, Max. 32GB
-
Enterprise IT Security Gateway
NCA-5220
- Intel® Xeon® E3-2100 Processor (Codenamed Coffee Lake)
- Generous and Flexible LAN Configurations, 3 Pairs of Gen3 Bypass
- Max. 64GB DDR4 2666MHz Memory, 2x 2.5” HDD/SSD Bays
- 2x NIC Module Slots, 1x RJ45 Console, 2x USB 3.0, 4x Keypads
