Most critical networks are geographically dispersed without built-in security mechanisms and despite the claim that they are “isolated” there is always a connection to the wider network that exposes the SCADA network to multiple attack vectors.
CyberShield Analysis and Detection for SCADA Networks (AnD SCADA) is a non-intrusive Detection and analysis and ad-hoc Forensics solution. It’s agnostic networks protocol and hardware deployment provides monitoring and advanced threat protection for industrial networks, and delivers an independent overview of the network operational safety and security status (Machinery, RTU's, PLC's and HMI’s). The solution includes network forensics and provides real time alerts for any traffic or command that is anomalous with preconfigured policy.
AnD SCADA “BlackBox” approach delivers an independent view of the SCADA network and traffic, while alerting on malicious activity even if the SCADA system itself is compromised. AnD SCADA also includes the enhanced Blocking BlackBox (optional), which comprises both blocking and immediate response capabilities. CyberShield leads the market with the most comprehensive support for SCADA protocols and is the only solution that also provides serial inspection, which is a key part in the ICS domain. Furthermore, AnD SCADA includes capabilities to identify attack vectors that change RTU configurations.
With Cyber Shield Analysis and Detection for SCADA Networks, organizations can:
- Seamlessly monitor and protect all parts of the industrial network regardless to protocol or hardware.
- Identify in-depth system anomalies in priority cyber incidents.
- Aggregate and document all relevant events across the entire SCADA network over time.
- Gain a comprehensive understanding and drill down into advanced threat patterns