As critical infrastructure network become smarter, automated and more connected, they are also more susceptible than ever to cyber threats.
Communication network of power grids, water system, public transportation and oil rings are subjected to an incredible number of cyber-attacks per day.
RAD has ideated a secure-by-design offer for critical infrastructure applications, called Service Assured Networking solutions to ensure reliability and protection for the operational network. The SAN portfolio is composed by Multiservice Networking Platform (Megaplex-4), Ruggedized SCADA-aware switch/router (SecFlow family) and Network Management & Orchestration (RADview).
To ensure even more protection, in May 2016 RAD announced a partnership with Check Point, the largest pure-play security vendor globally, to integrate RAD’s SAN solution portfolio with the ICS Security Gateway solutions by Check Point.
RAD and Check Point offer a joint end-to-end cyber security solution that protects any utility operational technologies network by eliminating RTU and SCADA equipment vulnerabilities and defending against cyber-attack on network control and data planes.
The solution is structured in various building blocks:
- Overlay solution, adds a cyber-security layer to any existing ICS/SCADA OT network;
- RAD’s secure-by-design multiservice networking platforms handle various SCADA protocols, serial and TCP-based, from different SCADA devices. RAD’s networking equipment employ Device Connection Control (802.1x) with the option to disable all unused ports to prevent connection of rogue devices or unauthorized users;
- Check Point’s ICS Security Gateway software is fully integrate in RAD’s Megaplex-4 multiservice platform and can be installed in any substation/”tail site” or control center, in distributed or centralized topologies. The ICS Security Gateway includes firewall, application control (APCL), intrusion prevention (IPS), and VPN software blades and provides deep packet inspection (DPI) for SCADA communications, virtual patching and logging for inbound and outbound traffic;
- An intermediate system of interactive remote access is uniquely combined with a build-in terminal server, allowing secure control of IP and serial (RS-232/RS-485) SCADA devices, including tunneling, data encryption, multi-factor user authentication, and authorization to manage only predefined SCADA devices;
- An integral part of RAD’s end-to-end cyber security solution is network encryption, allowing the utility to protect form “man in the middle” attacks using IPsec and MACsec tunnels, depending on the OT network;
- Check Point’s logging server (SmartEvent), as well as a Syslog server collect and logs events from the Intermediate System and from the ICS Security Gateway;
- Network Management is performed by RADview and Check Point systems.
When the network infrastructure is developed with RAD SecFlow devices, SCADA technology is connected with them by the serial port; that allow to create a IPSec tunnel in the VPN network where to carry SCADA traffic to the Check Point firewall.