Cyber Security for Industrial Control Systems

Defend Against Cyber-Security Threats While Providing Real-Time Data to Multiple Clients

Strengthen your cyber security strategy with the zONeGUARD. The patent pending cyber security product is a simple to install, drop-in hardware system that enables legacy field devices to communicate securely with the master SCADA control center via private and public networks, without causing disruption of operations or data integrity. The system consists of a gateway and remote device(s) and is designed to maintain persistent tunnel connections. The zONeGUARD offers the functionality of a terminal server by providing secure communication links between serial COM and

ethernet field devices with the TCP/IP gateway computer. SSH security protocol is used with authentication enabled by dynamic rotating keys. Isometric drawings.

 

 

 

The zONeGUARD system features built-in firewalls that do not require VPNs, although existing firewalls may be combined into the zONeGUARD solution. The simplicity of the system allows for quick installation and eliminates the need for time consuming scripting, rules, policies and NATing of VPNs.

Product Features

• Zone Security/Intrusion Prevention System (IPS)
  • Data is transmitted from field devices to the gateway securely over a private or public network
  • No VPN required (will work with existing VPN)
  • Not vulnerable to viruses and worms targeted at Windows® based software
  • Separate configuration port must be connected locally eliminating unauthorized access via the internet
  • Both Gateway and Remote devices have separate trusted and untrusted ports
  • Through the untrusted zone, only SSH encrypted and authenticated information is allowed via TCP/IP networks
  • Firewalls on both Gateway and Remote devices are pre-configured to block all networking ports except for those required for the secure SSH connections
• Intrusion Detection System (IDS)
  • The zONeGUARD Remote analyzes network connection attempts, logs and filters information, creating one simple report accessible through the web console of the Gateway or Remote -Example report
  • zONeGUARD IDS eliminates the need for analysis of extensive system log files
• Redundancy
  • Critical zONeGUARD Gateway configuration files can be periodically backed up
  • Upon the event of zONeGUARD Gateway failure, back up files can easily be imported into a back up Gateway device
  • Upon the event of data center failure, back up files from the zONeGUARD Gateway device can be ported to another Gateway device at a redundant facility
• Automatic Key Management / Rotating Keys
  • zONeGUARD Gateway and Remote are securely linked via paired keys
  • Keys cannot be stored, lost or stolen
  • No need to generate strong passwords- all keys are generated internally by the zONeGUARD system
• Multiple Configurations Possible
  • Each zONeGUARD Gateway can process up to 100 secure IP tunnels
  • zONeGUARD Remotes have 3 RS232 ports and one RS485 port- ethernet field devices may also be connected
  • Uses an enhanced terminal server to connect serial COM devices
• Easy Integration in Current Systems
  • Simple installation
  • Compatible with legacy field devices- works with all native protocols
  • No additional software required
  • Internal searchable help manual
  • Embedded web browser configuration tool
  • Connects via public or private networks that support TCP/IP including VSAT and cellular modem
• Reliable
  • Extended temperature range of -4˚ F to 140˚ F (-20˚ C to 60˚ C)
  • No fans or moving parts

  Integrated Options

  • Protocol conversion
  • Port forwarding
  • Modbus write protection