Industrial Security
Industrial Ethernet
Data Centers
Broadcast AV
Belden News
Blog Home
Blog Category: Industrial Security

Posted by: Industrial IT Team on April 04, 2012

Deep Packet Inspection (DPI) is important for the future of SCADA / ICS security - and in this article I explain why.

DPI SCADA Security: Reviewing the Basics
In Part 1 of this series I explained DPI technology in detail. To review, the traditional IT firewall examines the TCP/IP and Ethernet headers in the network messages it sees. It then makes decisions whether to allow or block a message based on this limited information.

DPI technology allows the firewall to dig deep into the SCADA protocols that sit on top of TCP/IP and Ethernet. The firewall then determines exactly what the SCADA protocol is being used for and makes better decisions on what should be allowed or blocked.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: Industrial IT Team on March 29, 2012

I have talked repeatedly about something called Deep Packet Inspection (DPI) and why it is so important for SCADA / ICS security (for example, see Air Gaps won’t Stop Stuxnet’s Children). The trouble is, I have never described what DPI actually is. So in today’s blog I will back up and explain what DPI firewall technology is all about.

Some Firewall Basics

To understand DPI, it is first important to understand how the traditional IT firewall works. A firewall is simply a device that monitors and controls traffic flowing in or between networks. It starts by capturing traffic passing through it and comparing that traffic to a predefined set of rules (called Access Control Lists or ACLs). Any messages that do not match the ACLs are then discarded.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: Industrial IT Team on March 21, 2012

In my earlier column on the philosophy of Defense in Depth, I discussed how relying on a single defensive solution exposes a system to a single point of failure. No matter how well designed or strong that single defense is, either resourceful adversaries or Murphy’s Law eventually results in the defense malfunctioning or being bypassed. When that happens, the entire system is wide open to attack.

A far more effective strategy for reliable security is called “Defense in Depth”. Today’s blog will discuss what this actually means in the real world of SCADA and ICS security.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: Frank Williams on March 07, 2012

In my blog article Industrial Data Compromise – The New Business Risk I
recommended that End Users and Control Engineers need to redouble their efforts in relation to securing their process. However, finding the best way to justify the costs of implementing and maintaining a more secure process environment is new territory even for the most seasoned control system engineer. In this article I suggest a way to determine the right amount of investment in ICS and SCADA security measures.

The Challenges Facing Control Engineers Today

Industrial control engineers are finding added complexity invading their world at an accelerated pace. Global competition continues to drive expectations of increased productivity. New technologies with shorter device life cycles demand compressed “pilot” project testing time. And the networking of everything forces tight integration between the enterprise network and the previously isolated, fit-for-purpose, process control network (PCN).

Read More >>


Comments (0) Post a Comment

Follow Us

Subscribe
Industrial Security
RSS Feed
Industrial Security
Email Notifications

Search
Industrial Security Blog
All Belden Blogs


Stay Informed