Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
Editor's Blog and Industry Comments

Monitoring network activity to tackle SCADA vulnerability

15 December, 2014
Network security systems can provide an unobtrusive method of monitoring industrial control systems and alerting network managers to potential threats.


The protection of industrial control systems (ICS) requires a different approach to enterprise IT security, an approach that relies less on patching and automated updates and more on monitoring and taking remedial action in a precise and controlled way that leaves the ICS in an operational and stable condition.



Achieving this is often fraught with difficulties due to increasing levels of integration with commercial systems and remote endpoints such as smartphones and tablets. Since these endpoints represent the greatest threat, maintaining a constantly updated and valid security posture is essential.



With this additional complexity, industrial engineers can no longer consider their networks to be "air-gapped" and need to embrace the same good IT security practices as commercial networks whilst protecting the stability of the industrial control system.



Next-Generation network access control systems can provide one means of achieving this by providing network managers with visibility of all devices attached to such systems and monitoring their security position. Without automated corrective activity, the network manager receives all alerts relating to endpoint vulnerabilities and patching status and can therefore take appropriate and targetted actions to secure the network.



According to Forescout Technologies, suppliers of the CounterACT Network Access Control product, there is no reason why NAC can't be aplied to ICS environments.



ForeScout told us: “CounterACT is able to operate in Industrial Control System environments thanks to its ability to passively monitor network activity. It can provide visibility into devices on such systems, help classify them, and identify rogue devices connecting to these networks. In addition, ForeScout CounterACT can also help monitor the patching level of certain systems on the network, for example SCADA systems running on Windows machines.”

 

Operators of Industrial Control Systems can find out more information on how CounterACT can help them by visiting th blog post on SCADA security by Doron Shikmoni.

 



Jonathan Newell is a broadcast and technical journalist specialising in security systems and transport safety. He contributes to a range of titles in the technical press. He shares his time between the UK and Kazakhstan



 


Bookmark and Share