printer friendly version

Protect your scada systems

Check Point Software Technologies announced the extension of its Industrial Control Systems (ICS) security solution with the introduction of a new 1200R security gateway appliance, enhancements to granular visibility and control of scada networks, and scada aware threat detection and prevention. Today’s modern conveniences such as electricity, transportation and water systems are powered by ICS. An attack on these assets, systems and networks, whether physical or virtual, has the potential to shut down an entire region or country's power grid and disrupt critical systems and production lines.

“Continuous cybersecurity breaches against critical infrastructure industries will result in environmental events exceeding $10 billion, catastrophic loss of life and new regulation, globally, by 2019,” states Gartner. In 2014, ICS-CERT responded to 245 reported incidents against industrial control systems in industries like manufacturing, energy, water and transportation. More than half of these incidents involved Advanced Persistent Threats (APTs) or sophisticated actors.

Industrial control systems are typically under-protected and highly vulnerable to breaches. These systems are compromised by ageing and older software and operating systems (OS) that are typically not updated or patched frequently. When they are updated, fixing patches of ICS systems creates a long window of exposure, sometimes years, leaving these systems open to attacks.

Doros Hadjizenonos

“ICS protection is not to be taken lightly. Once cybercriminals gain access to a control system, damage is inevitable. The result of an ICS breach will be devastating – and it’s not a question of ‘if it happens,’ but ‘when it happens,’ which is why Check Point is dedicated to proactively protecting ICS to prevent such catastrophic events,” said Doros Hadjizenonos, country manager of Check Point South Africa. “The 1200R appliance is a new security gateway optimised for deployment in the harshest of industrial environments and remote locations to support ICS/scada and deliver what we see as unmatched security to a nation’s most precious assets.”

The Check Point 1200R is a new, purpose-built, ruggedised security gateway appliance for harsh environments and remote deployments like those found on plant floors, at remote electrical substations and at power generation facilities. The 1200R complements Check Point’s existing lineup of security gateway appliances that deliver full visibility and granular control of scada traffic to prevent network, devices and logical process attacks.

With over 500 Scada commands and parameters within the Check Point Firewall and Application Control Software Blades, and over 200 scada-specific IPS signatures, Check Point offers the most extensive scada security support. Specialised threat reports in Check Point Next Generation SmartEvent provide full reports on scada traffic to grant quick and detailed forensics for incident investigations. This overall security solution also has regulation compliance monitoring with the Check Point Compliance Blade.

Check Point also provides a full IT-OT security blueprint to protect the corporate perimeter, the bridge between IT-OT, the operator workstations, and the scada devices and traffic to deliver the best security for ICS.

Key features of the 1200R appliance

• Fully-featured Check Point security gateway with 6x1 GbE ports and firewall throughput of 2 Gbps.

• Industry’s most extensive support of ICS/Scada-specific protocols including Modbus, MMS, DNP3, IEC 60870-5-104, IEC 61850, ICCP, OPC, BACnet, Profinet, Siemens Step7 and many others.

• Compact form factor, fan-less, and no moving parts design exceeds standards, with an extreme operational temperature range from -40°C to 75°C.

• Compliant to the most rigid regulations: IEC 61850-3, IEEE 1613 and IEC 60068-2.

Share this article:

Further reading: