IT systems leverage firewalls to monitor security risks on the IT network. But these IT firewalls are not aware of industrial protocols used on the plant floor – limiting the ability to minimize risk throughout the entire network. Cisco and Rockwell Automation are collaborating to develop a deep-packet-inspection (DPI) technology for use in industrial security appliances.
An industrial firewall with DPI technology extends visibility down to the plant floor, enables logging of traffic patterns, and provides the opportunity for informed decision-making following a set of security policies. Users can log a range of data for any network connection or protocol, such as EtherNet/IP, including where the traffic is coming from, where it is going and with which application it is associated.
When used between industrial and cell/area zones in a Converged Plantwide Ethernet (CPwE) architecture, a plant-floor application using DPI technology can instruct a firewall to deny firmware downloads to a controller. This action guards against tampering with firmware and helps protect the integrity of the operation. Only an authorized user would be able to conduct the download.
DPI technology will be brought to market in industrial network devices from both Rockwell Automation and Cisco in 2016.
Filed Under: TECHNOLOGIES + PRODUCTS