Operational Technology Security
Industrial Control Systems (ICS), the utility grid, and the Industrial Internet of Things (IIoT) encompass a wide range of devices and services, many of which are classed as critical infrastructure. The growing number of operational technology endpoints connected to the Internet increases the cyber-attack surface exponentially, introducing new vulnerabilities and attack vectors.
Unique and Scalable Solution
Invisinet Transport Access Control (TAC) is well suited to protecting distributed operational technology devices and their supporting cloud services. TAC operates end-to-end across network and cloud boundaries, regardless of network topology. Invisinet segments and isolates SCADA and IIoT devices, blocking scanning, discovery, and access from all unidentified and unauthorized devices and systems. It closes attack vectors by allowing only authorized and authenticated inbound and outbound network sessions. Invisinet TAC operates before a session or connection is established, effectively rendering critical infrastructure networks and IIoT devices invisible to attackers. Low host compute requirements support integration with many different types of operational devices. Invisinet can be deployed on a device or in a network segment architecture to communicate identity on behalf of individual IoT sensors or SCADA devices. This supports both new and legacy environments and scales to millions of devices.
Delivering strategic value to operational environments:
- Stops cyber-attacks and unauthorized visibility: Invisinet provides a new and fundamental solution to protect against advanced persistent threats and attacks by dropping unnecessary and unwanted traffic.
- Regulatory compliance: Utilities and critical infrastructure operators face increasing regulatory compliance requirements. NERC Critical Infrastructure Protection (NERC CIP) is a set of requirements designed to secure the assets required for operating North America’s bulk electric system. Invisinet protects those critical assets by enabling identity-based access to those systems and supporting networks.
- Privacy: The connection of utility systems and IoT devices significantly increases the level of information shared across various organizations. Access to sensitive information must be tightly controlled. Invisinet proactively discards unauthorized traffic entering or leaving a network; only authenticated connections are allowed to be established.