Industrial Defender Guard

Industrial Defender Guard is a family of multi-function security appliances that are installed at the boundary of the control systems to form a virtual electronic perimeter. This market leading implementation of the new breed of "Unified Threat Management" appliances combines a number of layers of defense into a single device, providing vastly improved security at significantly lower cost. Guard provides functionality including:

Firewall - used to determine which connections and services are allowed into and out of the control system environment, preventing unauthorized users from accessing your systems.

Virus Protection - scanning traffic at the perimeter for viruses minimizes the need to run anti-virus applications on the control equipment. This is a key consideration for older systems, systems that are already heavily loaded, or systems where the control vendor does not support anti-virus functionality. In newer systems it reduces risk by catching viruses before they reach multiple hosts.

Intrusion Prevention - Guard can be configured to recognize and automatically discard a wide variety of malicious traffic, including traffic seeking to exploit vulnerabilities in infrastructure software such as operating systems and web servers. Combined with virus scanning it ensures that the content of traffic allowed by the firewall is free of today's rapidly growing forms of attack. Content Filtering - categories of high-risk content can automatically be filtered from traffic at the perimeter. You can configure Guard to block Java applets, Active X or other components or files.

Integrated Virtual Private Networking (VPN) - Guard also provides secure "virtual connection" even over insecure shared networks. Used for either site-to-site or remote access applications, Guard can provide a tunnel through un-trusted business networks for various applications such as historian back-ups. It can also provide a secure connection for management staff or third party contractors. Guard's built-in gateway supports all common options such as IPSEC, PPTP, L2TP, DES, 3DES, AES and others. Finally it is design for use with all common forms of user authentication such as LDAP, Radius or internally provided database.

Pre-planned Lockdown States - maintaining availability of the control system under various threat conditions is a top priority. Under normal circumstances all the connections that are required by the business will be enabled. However as the threat level increases it is prudent to trade-off convenience for a greater degree of protection, = e.g. completely isolate the control network from the rest of the corporate network under the highest threat condition, or drop all external connections under heightened threat conditions. Making such decisions on the fly is difficult and error prone. The Industrial Defender management console includes facilities to predefine a set of lockdown states that can be implemented on the Guard appliance with the click of an authorized mouse. Operators choose a lockdown state based on indicators such as the current level of malware activity from one of the many industry-tracking organizations, or an industry specific threat indicator provided by organizations such as ISACs (U.S.) or WARPs (UK).