OpShield
OpShield, deployed inside your industrial or medical environment, maps and monitors network traffic and can block unwanted traffic. Wurldtech gives you visibility into your device communications, then actively helps keep your people safe, operations running, and assets undamaged.
OpShield is fortified with an extensive set of ICS-specific vulnerability protection packs that are designed to thwart exploits that target OT vulnerabilities.
Wurldtech’s OT threat research targets root vulnerabilities, not just exploit symptoms. Wurldtech researchers write vulnerability signatures that are long-lasting and can defend against exploit variants. This nuance is critically important. Traditional threat signatures are short-lived because exploit variants easily bypass them. Vulnerability signatures, by contrast, can defend against new attacks, including zero-day attacks, that leverage the same root vulnerability.
Combining this capability with well-researched OT protocol and device vulnerabilities delivers greater accuracy and broader protection.
Functionality
BASELINE NETWORK COMMUNICATIONS
- Upon installation, OpShield observes and records all OT communications to establish traffic patterns, allowing you to establish “what’s normal.” This becomes the baseline for network communications whitelisting, the strongest form of cyber security policy creation. Asset owners or system integrators then review and edit the policies, knowing that the majority of the work is already done by OpShield.
- These baseline and automated policy creation capabilities allow system operators to make informed decisions about the communications that transpire across their control networks.
NETWORK COMMUNICATIONS WHITELIST
- Building on the baseline, network communications whitelisting allows operators to block, allow, or simply alert on all traffic that doesn’t match an established policy. Operators gain more control and reduce complexity associated with unnecessary traffic.
- This approach to network communication control prevents attackers from misusing protocol commands, such as “shutdown,” “scan,” and “factory reset,” as well as parameters, such as “set point.” These commands and parameters exist in industrial protocols for good reason. But they can be dangerous when executed outside of the intended context.
- Whether for power generation, manufacturing, clinical healthcare or other critical infrastructure sectors, OpShield helps ensure that only the right commands for the right devices are executed.
EASY OT NETWORK SEGMENTATION
- Segmentation further helps reduce the attack surface.
- Unlike traditional IT VLANs or other segmentation techniques, OpShield’s drag-and-drop interface allows an operator to quickly segment an OT network without the need to reconfigure or reengineer it.
- It takes just a few minutes, yet can save the hours, days or weeks that would otherwise be spent trying to contain malware or halt suspicious activity. Zone-specific whitelist policies also help minimize unexpected downtime by preventing lateral movement of ICS infections.
- Operators can easily apply fine-grained controls by associating whitelist policies with specific zones, or even zones within zones (nested zones).
Wurldtech (GE Digital)