Device-based firewall profile added to CIP Security

ODVA has announced that CIP Security, the cybersecurity network extension for EtherNet/IP, has added a new device-based firewall for enhanced intrusion deterrence.

The CIP Security device-based firewall provides users with a simple traffic filter similar to how the IP Tables program enables a firewall to be setup in Linux. The device-based firewall is enabled via a new CIP Security Device-Based Firewall Profile, which allows for flexibility to enable or disable this feature as desired. CIP Security now offers even more robust device level protections with a device-based firewall to help discourage bad actors from infiltrating EtherNet/IP industrial networks.

The CIP Security device-based firewall is a mechanism to filter traffic based on IP address, port, and protocol. The device-based firewall is implemented via a new CIP object called the Ingress Egress Object, which enables an allow list of known IP addresses, configuration of available cipher suites, and routing rule definitions based on IP addresses and port numbers. This means that EtherNet/IP devices with CIP Security can determine what nodes can be safely communicated with and whether TLS or DTLS encryption is required.

Additionally, the user can decide whether other devices can route CIP communications through the configured CIP Security device. The new device-based firewall adds another layer of deterrence as a part of a defence in depth approach to help protect physical and digital assets from harm.

“CIP Security continues to add additional security capabilities such as the new device-based firewall to help protect EtherNet/IP devices from misuse that could lead to critical system damage or information loss,” stated Jack Visoky, EtherNet/IP system architecture Special Interest Group (SIG) vice-chair.

Dr Al Beydoun, president and executive director of ODVA concurred, saying: “The prevention of unauthorised IP address and port numbers from accessing CIP Security enabled EtherNet/IP devices allows for another layer of protection for critical industrial automation applications as a part of a defence in depth approach.

“The addition of the device-based firewall profile for CIP Security is another important update to continue the fight against malicious cyber intrusions that can lead to financial and reputational loss.”

The new CIP Security Device-Based Firewall Profile allows for only known IP addresses to communicate using standard EtherNet/IP. Additionally, permitted CIP routing can be configured based on a set of trusted IP addresses, ports, and encryption. As a result of implementing the device-based firewall, data packets without matching IP address and/or ports will be dropped and therefore won’t be able to complete intended malicious tasks.

ODVA is focused on ensuring that EtherNet/IP users have robust and continuously updated device security options available to them via CIP Security as a part of a defence in depth approach.

ODVA EMEA

43 Quarry Bank
Tonbridge
TN9 2QZ
UNITED KINGDOM

+44 (0)1732 352371

odva@odva.org

www.odva.org

More news
1 day ago
steute Technologies restructures its business fields
steute Technologies, an international technology company offering switches, intelligent sensors and wireless systems, has announced a comprehensive restructuring of its business fields.
2 days ago
Showcasing design, production and process engineering in the food and drink sect
Taking place on 1 May 2024 at the National Motorcycle Museum, Food Manufacturing Live serves the design, production, process and maintenance engineering teams across the UK food and drink manufacturing sector.
2 days ago
Understanding safety and security for the protection of human and machine
How do you master employee protection, liability protection, productivity and data protection? How do you increase your quality and simultaneously prevent manipulation on your machines? How do you protect your data and employees in equal measure? Pilz is hosting a free webinar on 15 December, 9:30-10:30 am, to address just these questions.
3 days ago
Schaffner opens new regional channels for its range of EMC solutions
EMC solutions provider, Schaffner, announces new partnerships with three distributors to further broaden the reach and scope of its product range and support services across Europe. The new agreements with Telerex, CATS and DSL Components will open new supplier corridors and enable customers to have local and faster access to products.
3 days ago
New SCARA robot transforms pick-and-place and assembly operations
ABB Robotics is expanding its industrial SCARA robot portfolio with the addition of the IRB 930. The new robot, compromising three variants capable of handling 12 kg and 22 kg payloads, has been designed to meet the demands of new growth opportunities in traditional and new markets.
3 days ago
Pilz CMSE training in high demand, as 10,000th graduate qualifies
With the CMSE qualification (Certified Machinery Safety Expert), Pilz created a completely new training programme for machinery safety in 2013. After a decade Pilz is now proud to congratulate the 10,000th graduate to successfully complete the CMSE examination.
3 days ago
New eBook offers expert insights on embedded security
Mouser Electronics announces a new eBook produced in collaboration with global semiconductor leader Analog Devices (ADI). In Embedded Security: Keeping Edge Data Safe, experts from ADI and other companies take a deep look at embedded security concepts and their importance.
4 days ago
New era beckons at UK’s largest online valve supplier
Gary Hopkinson, founder of Valves Online, a sales partner for Bürkert, has announced his retirement, planned for the end of this year. In March, the UK’s largest online valves supplier underwent a business acquisition by R&G Fluid Power Group. Gary has been assisting the transition while Valves Online is set to retain its successful business model.
4 days ago
Lowering production costs in the beverage industry
BrauBeviale, one of the leading capital goods fairs for the beverage industry worldwide, is due to take place in Nuremberg from November 28 to 30, 2023. Schaeffler will be on site with a presentation that focuses on solutions for economical and efficient beverage production.
4 days ago
NSK Europe makes significant environmental progress in FY2022-23
NSK Europe continues to make improvements to its environmental credentials, with the past 12 months seeing significant progress in a number of key metrics as the company works towards its ultimate carbon-neutral goal.

Login / Sign up