SingleKey™ SCADA Firewall
SingleKey™ SCADA Firewall has the full Layer 7 application protection features of SingleKey™ and is specifically designed to protect SCADA industrial automation and control systems. It is the only product on the market that provides multi-protocol Layer 7 filtering to industrial control sensors and controllers.
Stuxnet exposed the significant vulnerabilities of SCADA-based industrial automation and control systems (power grids, nuclear plants, building automation, oil/gas, water systems, transportation, etc.). It was the most sophisticated and possibly most consequential malware ever created. While the civil infrastructure of the Western world was unlikely the target of the deadly worm, governments and states around the world are scrambling to look for security solutions to protect their civil infrastructure. A lot of research has been done on Stuxnet but no major security companies have presented a viable solution. Much of the industrial control systems are not directly connected to the Internet for security reasons, making them difficult to be protected by web-based firewalls and intrusion detection systems. SingleKey™ SCADA Firewall is multi-protocol, supporting web, non-web, and offline applications. As a result, Bayshore is in a unique position to address the cyber security threats on industrial automation and control systems. We are currently working with a number of federal agencies and defense companies to design the optimal security architecture and best practices for securing the nation’s civil infrastructure.
SingleKey™ SCADA Firewall supports widely used protocols such as Modbus TCP, BACnet, DNP3, IEC 61850, C12.19/C12.22, and others. It also facilitates NERC CIP compliance requirements in the power and utilities industry.
- •Protecting interfaces between IP network and non-IP industrial controllers/sensors.
- •Uniform secure access from control networks to sensors.
- •Providing secure connection points between SCADA environment and IP networks.
- •Translating SCADA data formats into IP protocols.
- •Full Layer 7 protection and analysis of all SCADA Commands (language and traffic.)
- •Multi-Protocol Layer 7 Firewall protection for SCADA devices/sensors.
Bayshore SCADA Firewall vs. Legacy SCADA Firewall
| Bayshore SCADA Firewall | Legacy SCADA Firewall |
|---|---|
| Full Application Layer 7 | Layer 2 and 3 |
| Adaptive machine-learning of system behavior | No self-learning |
| Ultra fine-grained control of sensor queries and machine settings (at the data level) | Coarse-grained control |
| Automatically block suspicious or incorrect commands | Cannot block automatically |
| Trust depends on behavior, NOT on IP addresses | IP addresses based |
| Automatic integration of threat intelligence (SingleView™) | No integration with threat intelligence |
| Easy Management control over a large set of SingleKey™ Systems | Weak management |