Industrial Security
Industrial Ethernet
Data Centers
Broadcast AV
Belden News
Blog Home
Popular Tags

Featured Bloggers

Belden.com

Most recent posts by "Industrial IT Team"

Defense in Depth Part 2: Layering Multiple Defenses
Blog Category: Industrial Security

Posted by: Industrial IT Team on March 21, 2012

In my earlier column on the philosophy of Defense in Depth, I discussed how relying on a single defensive solution exposes a system to a single point of failure. No matter how well designed or strong that single defense is, either resourceful adversaries or Murphy’s Law eventually results in the defense malfunctioning or being bypassed. When that happens, the entire system is wide open to attack.

A far more effective strategy for reliable security is called “Defense in Depth”. Today’s blog will discuss what this actually means in the real world of SCADA and ICS security.

Read More >>

SCADA Security and Deep Packet Inspection - Part 1
Blog Category: Industrial Security

Posted by: Industrial IT Team on March 29, 2012

I have talked repeatedly about something called Deep Packet Inspection (DPI) and why it is so important for SCADA / ICS security (for example, see Air Gaps won’t Stop Stuxnet’s Children). The trouble is, I have never described what DPI actually is. So in today’s blog I will back up and explain what DPI firewall technology is all about.

Some Firewall Basics

To understand DPI, it is first important to understand how the traditional IT firewall works. A firewall is simply a device that monitors and controls traffic flowing in or between networks. It starts by capturing traffic passing through it and comparing that traffic to a predefined set of rules (called Access Control Lists or ACLs). Any messages that do not match the ACLs are then discarded.

Read More >>

ISC West 2012 Recap with Emphasis on Power over Ethernet
Blog Category: Industrial Ethernet

Posted by: Industrial IT Team on March 30, 2012

The International Security Conference (ISC) took place March 28 through 30 at the Sands Convention Center in Las Vegas. Over 900 companies exhibited at the show. Belden’s GarrettCom brand exhibited and represented Belden’s Industrial Solutions Division in the booth.

PoE (Power over Ethernet) was a key area of booth focus in terms of products displayed as well as the booth’s main theme. PoE has come a long way since GarrettCom started exhibiting about five years ago at ISC. On display in the GarrettCom booth was a full breadth of PoE switches as well as hardened switches and routers. A large display board of Belden industrial cables was also prominent and generated quite a bit of interest. When GarrettCom first started exhibiting at the ISC West Show, the booth personnel had to explain the basic concepts of what PoE was and how a PoE switch worked. This year, PoE was everywhere. Solutions for standard 802.3af PoE, 802.3at PoE+, and beyond were shown and discussed.

Read More >>

SCADA Security and Deep Packet Inspection - Part 2
Blog Category: Industrial Security

Posted by: Industrial IT Team on April 04, 2012

Deep Packet Inspection (DPI) is important for the future of SCADA / ICS security - and in this article I explain why.

DPI SCADA Security: Reviewing the Basics
In Part 1 of this series I explained DPI technology in detail. To review, the traditional IT firewall examines the TCP/IP and Ethernet headers in the network messages it sees. It then makes decisions whether to allow or block a message based on this limited information.

DPI technology allows the firewall to dig deep into the SCADA protocols that sit on top of TCP/IP and Ethernet. The firewall then determines exactly what the SCADA protocol is being used for and makes better decisions on what should be allowed or blocked.

Read More >>

Why SCADA Firewalls Need to be Stateful - Part 1 of 3
Blog Category: Industrial Security

Posted by: Industrial IT Team on April 11, 2012

This article is a collaboration between Joel Langill and Eric Byres. Joel is the CSO at SCADAhacker.com. He can be reached at joel@scadahacker.com.

Following on from Eric Byres’ discussion of Deep Packet Inspection (DPI), this article discusses a second and equally important aspect of effective firewall security referred to as “stateful inspection”.

In order to understand exactly what is meant when we talk about “state”, we need to look at the specifics behind the TCP communication sessions that are most common in modern day industrial control systems (ICS) and SCADA applications.[1] The figure below illustrates the model.The DPI that was previously discussed is actually analyzing and making decisions based on the information contained in the upper layer of the model. This layer is where you would typically see specific application operands such as a Modbus Read Coil (e.g. function code 2) or a Modbus Write Single Register (e.g. function code 6).

Read More >>

GarrettCom Edge Switches Network LAPD Cruisers' Mobile Communications
Blog Category: Industrial Ethernet

Posted by: Industrial IT Team on April 15, 2012

The Los Angeles Police Department (LAPD) is the third largest police department in the United States with over 10,000 officers responsible for a 500 mile, four million person area. With such a large area and limited officers, increasingly the LAPD is turning toward mobile communication systems. Police need to be able to retrieve data such as personal and vehicle information via police headquarters and other government databases. Additionally, the interchange of data among various police officers in field cruisers is very efficient.

The Los Angeles Police Department (LAPD) wanted hardened Ethernet switches that would be mounted in the trunks of their police cruisers to provide both a data and video communication system in each vehicle. Key to the selection of the networking equipment was the switches’ ability to withstand the extreme temperatures that sometimes occurred in the trunks of the vehicles. In particular, LAPD wanted to insure that the switches were capable of withstanding up to 70°C in an enclosed vehicle in the California sun with no performance deterioration. Another key consideration for LAPD was whether or not the switches had a history of reliability.

Read More >>

Effective Security Requires Involved Leadership
Blog Category: Industrial Security

Posted by: Industrial IT Team on April 18, 2012

This article is provided by Ernie Hayden of Verizon. Ernie is the "Managing Principal – Energy Security" with Verizon's Global Energy & Utilities practice. He can be reached at ernie.hayden@verizon.com, 206-458-8761.

Note from Eric Byres: As cyber threats directed at industry become more common, it is important for top executives to become involved with their organization's cyber security policies. The following article by Ernie Hayden comments on the situation from an IT perspective. My point of view is that today's threats to operational systems merit the same degree of management attention. Enjoy Ernie's article and make use of the data in Verizon's excellent report.

Read More >>

When Do You Need an Industrial Ethernet Solution?
Blog Category: Industrial Ethernet

Posted by: Industrial IT Team on April 24, 2012

In some environments, networking products are placed in clean air conditioned offices, where installers often give less thought to hardening characteristics of switches, routers, and the cables used to connect them. But, other environments are less “pristine”. Here, industrial communications and control networks are expected to operate consistently and reliably under extreme conditions, such as electromagnetic interference (EMI), high operating temperatures, ambient outdoor temperatures, power/voltage fluctuations, machine vibration, mechanical hazards and more.

Read More >>

Follow Us

Subscribe
Blog Home
RSS Feed
Blog Home
Email Notifications

Search
All Belden Blogs


Stay Informed