iSID Industrial Threat Detection
2Pages

Product Datasheet Product Datasheet Industrial Threat Detection XX Automatic learning of topology & operational behavior XX Central-location deployment (using Radiflow’s iSAP Smart Probes) or local deployment at remote sites XX Network traffic analysis based on DPI protocols for SCADA XX Supervision over configuration changes in PLCs XX Model-based anomaly detection analytics, signature-based detection of known vulnerabilities XX Non-intrusive network operation XX Low false-alarm rate XX Central management of multiple iSID instances using iCEN MULTIPLE SECURITY PACKAGES FOR COMPREHENSIVE THREAT DETECTION iSID enables non-disruptive monitoring of distributed SCADA networks for changes in topology and behavior, using six security packages, each offering a unique capability pertaining to a specific type of network activity: 1. NETWORK VISIBILITY: Using passive scanning of all OT network traffic, iSID creates a visual network model for all devices, protocols and sessions, with alerts upon detected topology changes (e.g. new devices or sessions.) 2. CYBER ATTACK: The Cyber Attack package handles known threats designed to the SCADA network, including PLCs, RTUs and industrial protocols, based on data from research labs as well as Radiflow’s own research. ABOUT RADIFLOW Radiflow develops trusted Industrial CyberSecurity Solutions for Critical Business Operations. Our portfolio of gamechanging solutions for ISC/SCADA networks empowers users to maintain visibility 3. POLICY MONITORING: Define/modify policies for each network link, for validating specific commands (e.g. “write to controller”) and operational ranges (e.g. “do not set turbine to above 800 rpm.”) and control of their OT networks. Our 4. MAINTENANCE MANAGEMENT: Limit network exposure during scheduled maintenance by creating work orders for specific devices during set timewindows. A log report of all maintenance activities is issued upon session completion. and loss within your OT environment. 5. ANOMALY DETECTION: The Anomaly Detection package creates a behavioral network model using multiple parameters, including device sequence sampling time, frequency of operational values and more, toward detecting behavioral anomalies. 6. OPERATIONAL BEHAVIOR: Monitor and audit the management of devices (PLC, RTU & IED) at remote sites, with alerts for firmware changes or configuration modifications (e.g. software updates or turning edge devices on or off) and activity logging. intelligent Threat Detection and Analysis Platform for industrial cyber-security minimizes potential business interruption Radiflow’s team consists of professionals from diverse backgrounds, from cyberexperts from elite military units and automation experts from global cybersecurity vendors. Founded in 2009, Radiflow’ solutions, are successfully deployed by major industrial enterprises and utilities protecting more than 3,000 critical facilities worldwi

Product Datasheet: iSID Industrial Threat Detection TYPICAL USE CASES TECHNICIAN ON-SITE: iSID will automatically monitor maintenance activities during the predefined time window. Operations outside of the iSID will detect attempts by spying malware to scan the maintenance boundaries will trigger alerts. network for SCADA devices such as PLCs and RTUs. UNAUTHORIZED PLC CONFIGURATION CHANGES: iSID will detect and alert upon rogue devices in the network iSID will detect known protocol commands which affect PLC impersonating a valid server, workstation or SCADA controller, by means of Mac or...