Tofino™ gets OPC Firewall Security Module2010 08 26
New MTL Tofino OPC Enforcer protects systems using OPC DA, HDA and A&E, the world’s most widely used industrial integration standard
MTL Instruments, a division of Cooper Crouse-Hinds, is announcing the new MTL Tofino OPC Enforcer Loadable Software Module (LSM), developed for MTL Instruments by Byres Security Inc, This extension to the existing MTL Tofino product line of Industrial Network security products locks down any automation system using the previously hard to secure OPC Classic protocol. Specifically designed for OPC communications, the OPC Enforcer provides superior security over what can be achieved with conventional firewall solutions. The result is improved network reliability, availability and security for the process control and SCADA industries.
OPC Classic is widely used in control systems as an interoperability solution, interfacing control applications from multiple vendors. Unfortunately, as numerous studies show, the technologies underlying it were designed before network security issues were widely understood. As a result, OPC Classic has been almost impossible to secure until now.
The MTL Tofino OPC Enforcer is an ideal solution for the numerous industrial networks that use OPC Classic. Its innovation provides two important benefits:
- It provides robust security and stability for systems using OPC Classic, thus preventing industrial network attacks and accidents. Unlike other firewalls, this product inspects, tracks and secures every connection made by an OPC application, opening only the exact TCP port required for a connection between an OPC client and server.
- It is implemented without any control system changes. The Tofino hardware is simply installed into the live network and configured using a drag and drop editor to select permitted clients and servers. Once installed, network security is assured, with all OPC traffic managed behind the scenes.
While a lot of the headlines around cyber security focus on hacker attacks, in fact many incidents result from internal network incidents.
“Past plant shutdowns, for example, haven’t been caused by hackers. Instead they were the result of badly configured software causing traffic storms that impacted critical controllers and other systems,” said Eric Byres, security expert and Chief Technical Officer at Byres Security. “The Tofino OPC Enforcer LSM does much more than block hackers and viruses from accessing the safety system. Its dynamic port management and built-in traffic-rate controls prevent many basic network problems from spreading throughout a plant.”
“Many of MTL’s customers use OPC Classic as an integral part of their control system architecture, however it has long been recognized as a significant area of weakness with regard to overall network security. The introduction of the Tofino OPC Enforcer LSM enables our customers to utilize the full benefits of OPC within their systems, safe in the knowledge their communications are secure”, remarked Philip Nunn, Product Line Manager, Industrial Networks, MTL Instruments.
Availability and Requirements
The Tofino OPC Enforcer LSM is available from MTL Instruments and requires the MTL Tofino Security Appliance, MTL Tofino Central Management Platform and the MTL Tofino Firewall LSM.