NitroSecurity, Waterfall Security Solutions Integrate Physical and Enterprise Management
NitroSecurity, Inc., the provider of high-performance, content-aware security information and event management solutions (SIEM), and Waterfall Security Solutions Ltd., a Unidirectional Security Gateways company, has announced the integration of the SIEM portfolio and Unidirectional Security Gateways. The integration combines absolute physical layer security with full enterprise-wide security monitoring and management, including SCADA and process control systems that are otherwise "invisible" to IT security monitoring solutions.
Unidirectional Security Gateways protect critical assets and infrastructures by only allowing outbound communications. All inbound traffic is blocked at the physical layer -- making it an ideal medium for the secure transport of SCADA and control system protocols associated with control system supervision. SIEM, in turn, is uniquely capable of monitoring these protocols and system activity, and correlating it with broader event activity across control system and business networks. This new integration allows NitroView to effectively report over Unidirectional Gateways and collect logs and events. This results in end-to-end security monitoring and analysis -- a common, but difficult to achieve requirement of NERC CIP, NEI 08/09, and other security regulations and recommendations. This monitoring also can detect anomalous outbound traffic, which may be an indication of malicious insider activity or threats introduced by other means.
"Unidirectional Security Gateways provide the ultimate in perimeter defense, by preventing any traffic from entering the secure area at the physical layer while allowing SCADA protocols to get out without any chance of a threat getting in," said Eric Knapp, director of Critical Infrastructure Markets for NitroSecurity. "However, sometimes a threat might manage to get around the gateway, using a USB stick for example, or it might initiate from the inside, altering control system operations, or infecting process control elements such as RTUs and PLCs. NitroView can detect those incidents, and report them back out across the Unidirectional Gateway."
Once outside of the protected control system, additional NitroView systems can correlate any detected risks or threats to other activities occurring within the supervisory or business LANs. "Together the products improve both the overall defense-in-depth capabilities of the critical systems, as well as the overall situational awareness of the system as a whole. It's a win-win for customers and added peace of mind in an increasingly dangerous threat environment," said Lior Frenkel, co-Founder and CEO of Waterfall.