|[November 14, 2012]
Belden Helps Schneider Electric Secure Critical Industrial Infrastructure
ST. LOUIS --(Business Wire)--
Inc. (NYSE: BDC), a global leader in signal transmission solutions
for mission-critical applications, announces that Schneider Electric (News - Alert) has
selected its Tofino Security technology to protect its industrial
automation systems. The new ConneXium Tofino Security Solution is a
suite of products that hardens industrial systems against network
incidents and cyberattacks, improving operational security, reliability
In the last decade, industrial automation systems have been increasingly
linked to business systems as organizations look to work smarter and
more efficiently. Legacy industrial communication systems originally
designed to work only within facility walls are now a hub of information
activity, with intelligence passing back and forth between the plant
floor and, when necessary, the outside world. At the same time, the
cyber threat level for critical infrastructure, especially threats aimed
at energy, water and transportation systems, has increased dramatically.
"Processors and manufacturers are continuously threatened by new and
increasingly dangerous cyberattacks, which require greater vigilance and
security," said Dave Doggett, program director for Industry Cyber
Security at Schneider Electric. "The ConneXium Tofino Industrial
Security Solution provides a key element in mitigating risks by managing
the traffic to and from Schneider Electric automation devices before
patches are applied or new more secure products deployed."
"In addition this capability can be used to enforce plant procedure by
blocking inappropriate programming commands to devices, preventing
mistakes. By collaborating with the experts at Tofino Security, we are
able to provide our customers with an easy-to-deploy industrial grade
firewall that works seamlessly with our systems."
The core of the new product line is the ConneXium Tofino Firewall, a
rugged security appliance. By inspecting each network message that
passes through it, the firewall can ensure that only the right network
messages from the right computers can be sent to critical controllers.
Hacking attempts, deliberately corrupted messages and even network
traffic storms are stopped dead by the ConneXium Tofino Firewall.
The popular Modbus protocol is further secured using the Deep Packet
Inspection capabilities provided by the ConneXium Tofino Modbus TCP
Enforcer module. Only "allowed" Modbus commands from "allowed" devices
go through the firewall, preventing incidents caused by inappropriate
remote programming or deliberately corrupted messages from malware until
appropriate patches or changes can be applied to the control system.
The firewall is configured using the new ConneXium Tofino Configurator,
Windows-based software that includes Tofino's patented Plug-n-Protect
technologies. "We have worked hard to make the ConneXium Tofino a
solution that can be used out of the box," said Eric Byres, CTO and vice
president of engineering at Tofino Security. "Engineers don't need to be
security experts to secure their facility with Tofino."
An example of the Plug-n-Protect technologies included in the ConneXium
Tofino are 15 pre-configured templates for major Schneider automation
products. Engineers simply select the models of Schneider product they
are using in their plant from the templates. They then decide which
devices they want to allow communications to and the ConneXium Tofino
Configurator automatically determines the appropriate rules. The
software also includes expert technology that looks for common mistakes
in firewall programming and proposes possible improvements.
Bob Lockhart, senior research analyst, Pike Research (News - Alert) commented,
"Automation systems face unique cyber security challenges that require
protection, built by companies that understand how those systems work.
Lacking extravagant IT budgets, automation systems also require cyber
security systems that just work, with a minimum of human intervention.
Companies want to focus on their core business, not the enabling
Once in the field, it is easy to keep the ConneXium Tofino Firewall
up-to-date using Tofino Security Profiles. These are sets of tailored
rules and protocol definitions that defend against newly disclosed
vulnerabilities and malware. Each Tofino Security Profile is packaged so
that it can be quickly deployed without impacting operations, thereby
providing a quick and effective defense against new threats. For
example, recently Schneider
Electric utilized the Tofino Security Profile feature to make
available mitigation against publicly announced vulnerabilities in its
Modicon PLC product line, allowing customers quick access to a
mitigation prior to the subsequent release of new firmware without the
need to interrupt production for a firmware update until a scheduled
The ConneXium Tofino Security Solution is the latest offering in the
ConneXium family of industrial communications and security products.
Earlier in 2012 the ConneXium Eagle Firewall was released, providing
boundary protection and encryption for industrial facilities.
The ConneXium Tofino Firewall is available for order now from Schneider
ConneXium Tofino Firewall - 10/100BASE TX/TX