Belden Helps Schneider Electric Secure Critical Industrial Infrastructure
New ConneXium Tofino Products Deliver a Simple Way to Secure Automation
ST. LOUIS -- November 14, 2012
Belden Inc. (NYSE: BDC), a global leader in signal transmission solutions for
mission-critical applications, announces that Schneider Electric has selected
its Tofino Security technology to protect its industrial automation systems.
The new ConneXium Tofino Security Solution is a suite of products that hardens
industrial systems against network incidents and cyberattacks, improving
operational security, reliability and performance.
In the last decade, industrial automation systems have been increasingly
linked to business systems as organizations look to work smarter and more
efficiently. Legacy industrial communication systems originally designed to
work only within facility walls are now a hub of information activity, with
intelligence passing back and forth between the plant floor and, when
necessary, the outside world. At the same time, the cyber threat level for
critical infrastructure, especially threats aimed at energy, water and
transportation systems, has increased dramatically.
“Processors and manufacturers are continuously threatened by new and
increasingly dangerous cyberattacks, which require greater vigilance and
security,” said Dave Doggett, program director for Industry Cyber Security at
Schneider Electric. “The ConneXium Tofino Industrial Security Solution
provides a key element in mitigating risks by managing the traffic to and from
Schneider Electric automation devices before patches are applied or new more
secure products deployed.”
“In addition this capability can be used to enforce plant procedure by
blocking inappropriate programming commands to devices, preventing mistakes.
By collaborating with the experts at Tofino Security, we are able to provide
our customers with an easy-to-deploy industrial grade firewall that works
seamlessly with our systems.”
The core of the new product line is the ConneXium Tofino Firewall, a rugged
security appliance. By inspecting each network message that passes through it,
the firewall can ensure that only the right network messages from the right
computers can be sent to critical controllers. Hacking attempts, deliberately
corrupted messages and even network traffic storms are stopped dead by the
ConneXium Tofino Firewall.
The popular Modbus protocol is further secured using the Deep Packet
Inspection capabilities provided by the ConneXium Tofino Modbus TCP Enforcer
module. Only “allowed” Modbus commands from “allowed” devices go through the
firewall, preventing incidents caused by inappropriate remote programming or
deliberately corrupted messages from malware until appropriate patches or
changes can be applied to the control system.
The firewall is configured using the new ConneXium Tofino Configurator,
Windows-based software that includes Tofino’s patented Plug-n-Protect
technologies. “We have worked hard to make the ConneXium Tofino a solution
that can be used out of the box,” said Eric Byres, CTO and vice president of
engineering at Tofino Security. “Engineers don’t need to be security experts
to secure their facility with Tofino.”
An example of the Plug-n-Protect technologies included in the ConneXium Tofino
are 15 pre-configured templates for major Schneider automation products.
Engineers simply select the models of Schneider product they are using in
their plant from the templates. They then decide which devices they want to
allow communications to and the ConneXium Tofino Configurator automatically
determines the appropriate rules. The software also includes expert technology
that looks for common mistakes in firewall programming and proposes possible
Bob Lockhart, senior research analyst, Pike Research commented, “Automation
systems face unique cyber security challenges that require protection, built
by companies that understand how those systems work. Lacking extravagant IT
budgets, automation systems also require cyber security systems that just
work, with a minimum of human intervention. Companies want to focus on their
core business, not the enabling technology.”
Once in the field, it is easy to keep the ConneXium Tofino Firewall up-to-date
using Tofino Security Profiles. These are sets of tailored rules and protocol
definitions that defend against newly disclosed vulnerabilities and malware.
Each Tofino Security Profile is packaged so that it can be quickly deployed
without impacting operations, thereby providing a quick and effective defense
against new threats. For example, recently Schneider Electric utilized the
Tofino Security Profile feature to make available mitigation against publicly
announced vulnerabilities in its Modicon PLC product line, allowing customers
quick access to a mitigation prior to the subsequent release of new firmware
without the need to interrupt production for a firmware update until a
scheduled maintenance period.
The ConneXium Tofino Security Solution is the latest offering in the ConneXium
family of industrial communications and security products. Earlier in 2012 the
ConneXium Eagle Firewall was released, providing boundary protection and
encryption for industrial facilities.
The ConneXium Tofino Firewall is available for order now from Schneider
Model # Description
TCSEFEA23F3F20 ConneXium Tofino Firewall - 10/100BASE TX/TX
Tofino Security provides practical and effective industrial network security
and SCADA security products that are simple to implement and that do not
require plant shutdowns. Its products include configurable security appliances
with a range of loadable security modules plus fixed function security
appliances made for specific automation vendor applications. Tofino Security
products protect zones of equipment on the plant floor, and are complementary
to Belden’s Hirschmann brand, which leads industrial networking solutions.
Both groups service and secure industrial networks in the oil and gas,
utilities, transportation and automation industries.
St. Louis-based Belden Inc. designs, manufactures, and markets cable,
connectivity, and networking products in markets including industrial
automation, enterprise, transportation, infrastructure, and consumer
electronics. It has approximately 7400 employees, and provides value for
industrial automation, enterprise, education, healthcare, entertainment and
broadcast, sound and security, transportation, infrastructure, consumer
electronics and other industries. Belden has manufacturing capabilities in
North America, South America, Europe, and Asia, and a market presence in
nearly every region of the world. Belden was founded in 1902, and today is a
leader with some of the strongest brands in the signal transmission industry.
For more information, visit www.belden.com.
Belden, Belden Sending All The Right Signals, Tofino, Plug-n-Protect and the
Belden logo are trademarks or registered trademarks of Belden Inc. or its
affiliated companies in the United States and other jurisdictions. Belden and
other parties may also have trademark rights in other terms used herein.
Joann Byres, +1 250-984-4105
VP and General Manager
Michelle Foster, 314-854-8006
Press spacebar to pause and continue. Press esc to stop.