Check Point Software Technologies has announced the extension of its comprehensive Industrial Control Systems (ICS) security solution with the introduction of a new 1200R security gateway appliance, enhancements to granular visibility and control of SCADA networks, and SCADA aware threat detection and prevention.
Today’s modern conveniences such as electricity, transportation and water systems are powered by ICS. An attack on these assets, systems and networks, whether physical or virtual, has the potential to shut down an entire region or country’s power grid and disrupt critical systems and production lines.
“Continuous cybersecurity breaches against critical infrastructure industries will result in environmental events exceeding $10 billion, catastrophic loss of life and new regulation, globally, by 2019,” states Gartner. In 2014, ICS-CERT responded to 245 reported incidents against industrial control systems in industries like manufacturing, energy, water and transportation. More than half of these incidents involved Advanced Persistent Threats (APTs) or sophisticated actors. Industrial control systems are typically under protected and highly vulnerable to breaches. These systems are compromised by aging and older software and Operating Systems (OS) that are typically not updated or patched frequently. When they are updated, fixing patches of ICS systems creates a long window of exposure, sometimes years, leaving these systems open to attacks.
“ICS protection is not to be taken lightly. Once cybercriminals gain access to a control system, damage is inevitable. The result of an ICS breach will be devastating – and it’s not a question of ‘if it happens,’ but ‘when it happens,’ which is why Check Point is dedicated to proactively protecting ICS to prevent such catastrophic events,” says Doros Hadjizenonos, country manager of Check Point South Africa. “The 1200R appliance is a new security gateway optimised for deployment in the harshest of industrial environments and remote locations to support ICS/SCADA and deliver what we see as unmatched security to a nation’s most precious assets.”
The Check Point 1200R is a new, purpose-built, ruggedised security gateway appliance for harsh environments and remote deployments like those found on plant floors, at remote electrical substations and at power generation facilities. The 1200R complements Check Point’s existing lineup of security gateway appliances that deliver full visibility and granular control of SCADA traffic to prevent network, devices and logical process attacks. With over 500 SCADA commands and parameters within the Check Point Firewall and Application Control Software Blades, and over 200 SCADA-specific IPS signatures, Check Point offers the most extensive SCADA security support. Specialised threat reports in Check Point Next Generation SmartEvent provide full reports on SCADA traffic to grant quick and detailed forensics for incident investigations. This overall security solution also has regulation compliance monitoring with the Check Point Compliance Blade.
Check Point also provides a full IT-OT security blueprint to protect the corporate perimeter, the bridge between IT-OT, the operator workstations, and the SCADA devices and traffic to deliver the best security for ICS.
“Check Point offers protection to our wide ranging assets by providing the capability to securely connect assets located over a large geographic area in less than ideal locations. We’re very pleased Check Point is taking this initiative with a SCADA solution to ensure our critical assets are protected. The addition of the new 1200R as an example of this innovation,” says Shawn Kearley, Infrastructure Analyst at Newfoundland Power.
Key features of the Check Point 1200R appliance include:
* Fully-featured Check Point security gateway with 6x1GbE ports and firewall throughput of 2Gbps;
* Industry’s most extensive support of ICS/SCADA-specific protocols including Modbus, MMS, DNP3, IEC 60870-5-104, IEC 61850, ICCP, OPC, BACnet, Profinet, , Siemens Step7 and many others;
* Compact form factor, fan-less, and no moving parts design exceeds standards, with an extreme operational temperature range from -40°C to 75°C; and
* Compliant to the most rigid regulations: IEC 61850-3, IEEE 1613 and IEC 60068-2.