
Firewalls

Firewalls are devices that isolate one network (or segment of a network) from another by permitting or denying communication across the firewall boundary. Typical installations in the controls sector include isolating the industrial control system (ICS) network from the corporate network, or placing a firewall between the ICS network and a remote facility that monitors the control system for optimization, tuning, and other purposes. When implemented properly, firewall boundaries establish network segments of higher and lower levels of security, depending on the criticality of the components.

Unsecured Internet connections are still a scary reality for many SCADA systems according to DHS and the FBI. Check out this InformationWeek article.

Firewalls employ rules for communication and methods of inspecting the data communicated across the firewall boundary. Packet filters inspect batches of data, or “packets,” that pass through the firewall. Based on the rule set, a packet that matches a particular filter will be dropped to protect the network on the other side of the firewall. Knowledge of firewall defense is becoming more and more widespread, and so are means of compromising firewall boundaries, for example by modifying packet characteristics. "Stateful" filters provide additional layers of data inspection by storing packets for more in-depth analysis and filter application. The state of a connection can trigger specific rules, and malicious code can more easily be detected through stateful firewall filters.

Another technique for firewall deployment is "whitelisting." Whitelisting allows an administrator to specifically identify approved data sources for transmission while blocking all others. If this is too limiting, using multiple firewalls (preferably from multiple vendors) can provide added security by double- or triple-checking network traffic.
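The whitelisting and connection-state checks described above can be sketched as a small packet evaluator. This is an added example, not FoxGuard code; the addresses, the ports (502 is commonly used for Modbus/TCP) and the `new` flag, which stands in for real TCP flag tracking, are constructed assumptions.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    new: bool = False  # True only for the packet that opens a connection

# Constructed whitelist: (approved source network, destination host, port).
WHITELIST = [
    ("10.10.5.20/32", "192.168.100.10", 502),  # one corporate host -> ICS gateway
    ("10.10.5.0/24", "192.168.100.30", 443),   # engineering subnet -> HMI service
]

class WhitelistFirewall:
    def __init__(self, whitelist):
        self.rules = [(ip_network(s), ip_address(d), p) for s, d, p in whitelist]
        self.established = set()  # flows opened by an approved source
    def _approved(self, pkt):
        return any(ip_address(pkt.src) in net and ip_address(pkt.dst) == dst
                   and pkt.dport == port for net, dst, port in self.rules)
    def filter(self, pkt):
        """Return 'ACCEPT' or 'DROP' for one packet crossing the boundary."""
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reply = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if pkt.new:
            # Whitelisting: only an approved source may open a connection.
            if self._approved(pkt):
                self.established.add(flow)
                return "ACCEPT"
            return "DROP"
        # Stateful check: other packets pass only if they belong to a
        # connection that was approved earlier, in either direction.
        if flow in self.established or reply in self.established:
            return "ACCEPT"
        return "DROP"  # everything else is blocked

def demo():
    fw = WhitelistFirewall(WHITELIST)
    packets = [  # constructed traffic crossing the corporate/ICS boundary
        Packet("10.10.5.20", 40000, "192.168.100.10", 502, new=True),  # approved open
        Packet("192.168.100.10", 502, "10.10.5.20", 40000),            # its reply
        Packet("10.10.5.99", 40001, "192.168.100.10", 502, new=True),  # unapproved source
        Packet("192.168.100.10", 502, "10.10.5.99", 40001),            # no matching state
        Packet("192.168.100.10", 50000, "10.10.5.20", 445, new=True),  # ICS -> corporate
    ]
    return [fw.filter(p) for p in packets]
```

Calling `demo()` returns one verdict per packet; only the approved connection and its reply are accepted. A production connection tracker also follows TCP flags and expires idle entries.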

Many factors must be considered before implementing security on a control network. These include the overall network architecture or topology, the number and configuration of connected devices, and all local and external or “remote” connections to the control network. Firewall placement and configuration are critical to protecting ICS networks and providing additional layers of security. FoxGuard Solutions has the experience and expertise to analyze the characteristics of your site, performing network assessments and customizing a security strategy (including firewalls) that will greatly improve the posture of your critical network.
