DS-Radiflow-iSID-A4-V4
2Pages

Product Datasheet WHY RADIFLOW? Radiflow is a recognized leader in industrial cybersecurity, offering dedicated solutions designed to meet the unique requirements of industrial infrastructures: EXPERIENCE Over 10 years' experience discovering and analyzing advanced persistent threats and targeted attacks, including attacks on critical and industrial infrastructure UNIQUE METHODOLOGY Radiflow offers a unique scan methodology to detect industrial attack vectors that can cause downtime. EXPERTISE Dedicated team of industrial cybersecurity experts who understand the colliding worlds of automation and security. END-TO-END PORTFOLIO Radiflow offers a holistic portfolio of services and technologies, including SCADA gateways, routers and firewalls, industrial network IDS and many more. 1. NETWORK VISIBILITY Using passive scanning of all OT network traffic, iSID creates a visual network model for all devices, protocols and sessions, with alerts upon detected topology changes (e.g. new devices or sessions.) 2. CYBER ATTACK The Cyber Attack package handles known threats designed to the SCADA network, including PLCs, RTUs and industrial protocols, based on data from research labs as well as Radiflow's own research. 3. POLICY MONITORING Define/modify policies for each network link, for validating specific commands (e.g. "write to controller") and operational ranges (e.g. "do not set turbine to above 800 rpm.") iSIDIndustrial Threat Detection ► Automatic learning of topology & operational behavior ► Central-location deployment (using Radiflow's iSAP Smart Probes) or local deployment at remote sites ► Network traffic analysis based on DPI protocols for SCADA ► Supervision over configuration changes in PLCs ► Model-based anomaly detection analytics, signature-based detection of known vulnerabilities ► Non-intrusive network operation ► Low false-alarm rate ► Central management of multiple iSID instances using iCEN Six Security Packages for Comprehensive Threat Detection iSID enables non-disruptive monitoring of distributed SCADA networks for changes in topology and behavior, using six security packages, each offering a unique capability pertaining to a specific type of network activity: 4. MAINTENANCE MANAGEMENT Limit network exposure during scheduled maintenance by creating work orders for specific devices during set time-windows. A log report of all maintenance activities is issued upon session completion. 5. ANOMALY DETECTION The Anomaly Detection package creates a behavioral network model using multiple parameters, including device sequence sampling time, frequency of operational values and more, toward detecting behavioral anomalies. 6. OPERATIONAL BEHAVIOR Monitor and audit the management of devices (PLC, RTU & IED) at remote sites, with alerts for firmware changes or configuration modifications (e.g. software updates or turning edge devices on or off) and activity logging.

iSID Industrial Threat Detection iSID - Typical Use Cases Technician on-site: iSID will automatically monitor maintenance activities during the predefined time window. Operations outside of the iSID will detect attempts by spying malware to scan the maintenance boundaries will trigger alerts. network for SCADA devices such as PLCs and RTUs. Man-in-the-Middle Unauthorized PLC configuration changes: iSID will detect and alert upon rogue devices in the network iSID will detect known protocol commands which affect PLC impersonating a valid server, workstation or SCADA controller, by means of...