ConneXium Tofino Firewall protects EtherNet/IP communications
Hold Tech Files Ltd
Posted to News on 29th Jan 2014, 09:52

ConneXium Tofino Firewall protects EtherNet/IP communications

Belden Inc. is announcing that Schneider Electric has expanded its ConneXium Network and Security offer with the addition of EtherNet/IP Deep Packet Inspection (DPI) to the ConneXium Tofino Firewall. The addition of DPI for the popular Ethernet/IP protocol allows Schneider Electric's customers to further harden their industrial control systems against network incidents and cyberattacks. It also allows easier enforcement of company policies for network and device access. The result is improved operational security, reliability and performance.

ConneXium Tofino Firewall protects EtherNet/IP communications

Ken Mikelinich, product manager for industrial security devices at Schneider Electric, says: "Cyberattacks on manufacturing and process control facilities are increasing. They are also becoming more sophisticated. Enhanced security, along with the tangible business benefits of enforcing corporate security and compliance policies are a must. The extension of the ConneXium Tofino Firewall to include superior protection of EtherNet/IP communications is another important way we are helping customers mitigate risk and support plant policy using security devices."

The ConneXium Tofino Firewall inspects and secures network traffic to and from Schneider Electric automation devices, providing protection from traffic storms, malformed messages and deliberate hacking attempts. In addition, the technology can be used to enforce plant procedure. For example, it can be used to block inappropriate modification or programming of critical devices and controllers, preventing costly mistakes and improving overall network uptime and reliability.

Frank Williams, senior product manager for Security at Belden, remarks: "We are pleased to be expanding our relationship with Schneider Electric with this additional product, and providing their customers with an easy-to-deploy industrial grade firewall that works seamlessly with Schneider Electric's systems."

The central functionality of the ConneXium Tofino Firewall is a security appliance / firewall that inspects each network message that passes through it, ensuring that only the right network messages from the right computers can be sent to critical controllers. Hacking attempts, deliberately corrupted messages and even network traffic storms are effectively prevented.

Deploying and configuring the product is made easy for engineers who are not generally security experts through the use of Tofino's patented Plug-n-Protect technologies. This includes expert technology that looks for common mistakes in firewall programming and corrects them with a single mouse click. Specific Schneider Electric product know-how is also built in, with pre-configured firewall templates for major Schneider Electric automation products.

Better decisions

Advanced protection is provided through DPI technology. Traditional IT firewalls examine TCP/IP headers in network messages and then make decisions whether to allow or block a message based on this limited information. DPI technology allows the firewall to dig deep into the SCADA and ICS protocols that sit on top of TCP/IP. The firewall then determines exactly what the protocol is being used for and makes better decisions on what should be allowed or blocked.

ConneXium Tofino Firewall's 2012 release included DPI for the Modbus TCP protocol. This year, the capability has been expanded to include DPI for the EtherNet/IP protocol. This includes special functionality for EtherNet/IP communications:

  • Support for all Common Industrial Protocol (CIP) objects and services with pre-configured GUI elements according to ODVA specifications
  • Validity checking of both CIP and EtherNet/IP message headers to prevent common hacking techniques, such as buffer overflow attacks
  • An "Advanced" option which allows engineers to select specifically allowed Services and Objects for a firewall rule from a pre-configured drop-down list

Eric Byres, chief technology officer at Tofino Security, comments: "The ConneXium Tofino Firewall is unique in that it makes an easy to deploy security technology even easier by including smarts about Schneider Electric products. It then combines this ease-of-use with advanced firewall features that are specific to industrial needs. The result is a pragmatic and robust security solution for the plant floor."

The ConneXium Tofino Firewall with EtherNet/IP protection is part of the Schneider Electric ConneXium family of industrial communications and security products. In 2012 the ConneXium Industrial Firewall was released, providing boundary protection and encryption for industrial facilities. The ConneXium Tofino Firewall was also introduced that year, providing plant floor protection of automation systems from network incidents and cyberattacks. The ConneXium Tofino Firewall is available for order now from Schneider Electric.

Please visit www.belden.com for further information about industrial control systems and security.


Belden

Edisonstraat 9
Postus 9
5900 AA
NETHERLANDS

+31 77 387 8555

Bosch Rexroth SICK (UK) LTD Procter Machine Safety ABSSAC Ltd Mechan Controls Ltd Pilz Automation Ltd Aerotech Ltd Dold Industries Ltd Phoenix Contact Ltd HARTING Ltd STOBER Drives Ltd Spelsberg Els UK Ltd Machinesafe Compliance Ltd Micro Epsilon UK Limited Kawasaki Robotics (UK) Ltd WEG (UK) Ltd AutomateUK Servo Components & Systems Ltd M Buttkereit Ltd Leuze electronic Ltd Euchner (UK) Rittal Ltd FATH Components Ltd Smartscan Ltd PI (Physik Instrumente) Ltd AutomateUK Murrelektronik Ltd Heidenhain (GB) Ltd