Multi-Site Cybersecurity Solution

Description

ICS Shield is a top-down OT cybersecurity management solution for securing connected ICS/SCADA environments. Empowering organizations to implement connected operations while minimizing cybersecurity vulnerabilities, ICS Shield secures remote field assets from a single security and operations center.

 

This field-proven solution automates the deployment and enforcement of plant-wide security policies while focusing on security essentials such as inventory visibility, patching, log collection, remote access, and compliance ICS SHIELD SOLUTION reporting. Complying with the NIST Cybersecurity Framework, the NIST SP 800-82 guidelines, and leading international standards (including NERC CIP, ENISA, PERA, ISO 27001 and ISA/IEC-62443), ICS Shield improves the security compliance posture of industrial organizations.

 

Deployed at thousands of sites worldwide in the oil and gas, utility, chemical, mining and manufacturing sectors, ICS Shield delivers unrivaled visibility, reliability and compliance for industrial plant operations.

 

Discovery Automation

The first step in protecting an OT environment is identifying precisely what’s on the network. ICS Shield helps you achieve an accurate inventory of your ICS assets including hardware, software and service configurations. Automating this discovery process, ICS Shield enables end-to-end visibility of OT assets, empowering your organization to effectively enforce its security procedures. ICS Shield enables leading asset discovery technologies for optimized results.

 

Main discovery automation capabilities:

  • Asset auto-discovery: Scheduling discovery of ICS assets for an up-to-date inventory
  • Configuration collection: Collecting detailed data about each asset
  • Asset classification: Classifying assets by their level of criticality
  • Change management: Monitoring changes in asset inventory and configuration
  • Asset visualization: Providing a clear view of all field assets by business and geography.

 

Secure Remote Access

In order to maintain high levels of security, uptime and safety of distributed devices, secure remote access to field assets is required by first- and third-party personnel and machines. Providing extremely granular and robust AAA remote access, ICS Shield ensures secure remote access and monitoring, protected file distribution to devices, and safe data transfer from plants to HQ for analysis and risk management.

 

Main secure remote access capabilities:

  • AAA remote access: Including centralized authentication, granular authorization, and session accounting and control
  • Password vault: Authenticating remote users without sharing device credentials
  • Secure file distribution & data transfer: Securely distributing files to devices and sending data from devices to central security and operations center.

 

Security Policy Management

Industrial organizations require simplified yet effective security policy management to better secure their dispersed OT networks. ICS Shield unifies and automates the policy management process, empowering the creation, deployment and enforcement of plant-wide and granular security policies. Leveraging ICS Shield’s security policy management, operations and control teams significantly improve OT cybersecurity and compliance.

 

Main security polices:

  • Patching and anti-malware updating: Decreasing window of vulnerability between patch qualification and update
  • Log collection: Empowering improved risk management
  • Whitelists/blacklists: Hardening OT devices and reducing attack surface
  • Securely move backup files to an offsite location improving incident recovery capabilities
  • Custom policy creation: Enabling refining of organization’s cybersecurity
  • Compliance reporting: Allowing compliance monitoring and the communication of identified vulnerabilities.

 

Robust Infrastructure

ICS Shield infrastructure is designed for multi-site, multi-vendor deployment, with all sites connected to the security and operations center via Honeywell’s Secure Tunnel. This distributed architecture guarantees data security and integrity. Policies and files are easily distributed through the Secure Tunnel from the Security Center (SC) located at the enterprise data center to the Virtual Security Engine (VSE) installed at each plant. Data collected from the ICS assets by the VSE is sent to the SC for reporting, analysis and risk management purposes.

 

Main infrastructure components:

  • Secure Tunnel: Powering secure communications using TLS encryption, with every session initiated outbound only using a single port and firewall rule.

 

Distributed Architecture:

  • Security Center (SC): Serving as organizational security team’s main portal for top-down OT cybersecurity management and monitoring via an intuitive dashboard, while communicating with VSEs at plants and multiple IT security tools
  • Virtual Security Engine (VSE): Enforcing policies and supporting a wide range of protocols for connecting to multiple assets
  • Policy Manager: Powering the creation, deployment and enforcement of plant-wide granular policies and custom policies
  • Reporting Tool: Generating customized and pre-defined compliance reports.
Be the first to review this product
Add your review:
RELATED STORIES