Floodgate Defender Appliance

Floodgate Defender Appliance™ is a compact firewall appliance providing drop in protection for networked industrial devices. Installation and configuration is done in minutes, providing instant protection against cyber-attacks from hackers, denial of service attacks, cyber-sabotage attacks, automated hacking bots, and other Internet-based threats. Floodgate Defender Appliance is powered by the Floodgate Software Products to provide protection, management and situational awareness for a single end point device or to create a secure enclave providing end point protection to multiple devices.

With inclusion of Floodgate Agent, a secure web interface or your corporate policy management system allows configuration of customized communication policies. The Floodgate Defender Appliance enforces these policies, dropping unwanted packets before they are passed to the target device, blocking attacks before a connection is even established.

Floodgate Security Framework

The Floodgate Security Framework (FSF) provides a building blocks for creating secure embedded devices.  Floodgate Security Framework modules are availabe as individual products or as an integrated framework for embedded Linux or any RTOS.

Floodgate Security Architecture

Overview

Floodgate Security Framework (FSF) provides engineers developing embedded devices a comprehensive security solution allowing them to build secure, authenticated, trusted devices.

IT security practices require endpoints to be authenticated, trusted, secured and managed before they are allowed to operate on the corporate network.  IT/OT convergence and the emergence of security standards in various industries requires embedded devices provide the same security capabilities as IT devices.  

The Floodgate Security Framework provides:

  • Management system integration for IT/OT convergence.
  • Security capabilities to ensure the device is protected from attack.
  • Building blocks for compliance with security standards including EDSA, ISA/IEC 62443 and NIST Cybersecurity guidelines.

Floodgate Security Framework Modules

Floodgate™ Firewall, an award winning embedded firewall, provides Stateful Packet Inspection (SPI), rules-based filtering and threhold-based filtering to protect embedded devices from Internet-based threats.

Floodgate™ Intrustion Detection Software (IDS) provides a critical, missing layer of security for embedded devices. Floodgate IDS protects RTOS and embedded Linux device from malicious or accidental changes to firmware, configuration information or static data.

Floodgate™ Secure Boot ensures only authenticated firmware from the OEM is allowed to run on the device. 

Floodgate™ Agent provides situational awarness, security event reporting, command audit log support and security policy management for embedded and IoT devices. Floodgate Agent provides management provides integration with the enterprise security management systems.

Floodgate™ McAfee ePolicyOrchestrator agent provides integration between RTOS-based devices and the McAfee ePO and ESM enterprise management systems.

Cyber Threats for Embedded Devices

Internet-based attacks are on the rise and an increasing number of these attacks are targeting embedded devices. Cyber-criminals, hacking bots, industrial or international espionage agents and even terrorist groups are now targeting industrial, military, automotive and medical devices as well as utility systems.

Reported attacks against industrial devices include:

  • Automotive manufacturing plant shutdown resulting from a cyber-attack.
  • Pipeline monitoring system that failed due to a DoS attack.
  • Train system delays caused by hackers.
  • Sewage spill caused by a control system hacked by an insider.
  • Proliferation of malware targeting industrial automation systems including Stuxnet, Flame, Havex and BlackEnergy.

 

 

Iconfidant SSH

Iconfidant SSH is a source code product implementing SSH and SFTP client and server for embedded security for the VxWorks embedded operating systems. It implements SSHv1 and SSHv2 protocols with strong authentication and encryption.