ProtocolPatroller
Industry’s first ICS cybersecurity monitoring and anomaly detection solution for protocol protection
Utilities experience thousands of increasingly sophisticated cyberattacks on industrial control systems (ICS) in general, and supervisory control and data acquisition (SCADA) systems, in particular. Remote access vulnerabilities can go undetected for months—posing an extraordinary threat to critical infrastructure security.
SecureSmart™ ProtocolPatroller provides continuous cyber monitoring and anomaly detection via sophisticated, protocol-specific security capabilities for smart grid, SCADA and other ICS applications. ProtocolPatroller offers cyber protection for a wide range of SCADA protocols and its modular design enables easy extension to protect additional ICS SCADA protocols. Using robust checkers, ProtocolPatroller detects ongoing attacks—including zero-day attacks—and alerts operators through a user-friendly dashboard. When used in the in-line protection mode, ProtocolPatroller can perform predetermined actions to stop ongoing attacks.
ProtocolPatroller software can be co-hosted as well as reside in a customer’s existing IT hardware or software platforms. Co-hosting can occur at gateways (e.g., in data centers or control centers), customers and servers (e.g., Inter-Control Center Communications Protocol or ICCP nodes, smart meter data collection engines), Intelligent Electronic Devices (IED), or even in a service cloud. Hosting is also available as a dedicated platform.
SecureSmart™ ProtocolPatroller provides continuous cyber monitoring and anomaly detection via sophisticated, protocol-specific security capabilities for smart grid, SCADA and other ICS applications. ProtocolPatroller offers cyber protection for a wide range of SCADA protocols and its modular design enables easy extension to protect additional ICS SCADA protocols. Using robust checkers, ProtocolPatroller detects ongoing attacks—including zero-day attacks—and alerts operators through a user-friendly dashboard. When used in the in-line protection mode, ProtocolPatroller can perform predetermined actions to stop ongoing attacks.
ProtocolPatroller software can be co-hosted as well as reside in a customer’s existing IT hardware or software platforms. Co-hosting can occur at gateways (e.g., in data centers or control centers), customers and servers (e.g., Inter-Control Center Communications Protocol or ICCP nodes, smart meter data collection engines), Intelligent Electronic Devices (IED), or even in a service cloud. Hosting is also available as a dedicated platform.
Anchor Element Copy for linking on the same page:
https://www.peratonlabs.com/?data-scroll-to-anchor=HowItWorks
Copy for linking from an external page:
https://www.peratonlabs.com/?data-anchor-link=HowItWorks
How it worksFor each covered protocol, ProtocolPatroller employs a collection of behavior model checkers that have been verified with formal methods to detect communication anomalies. These stateful model-checkers patrol SCADA protocol communication contexts and behaviors by:
The monitoring and filtering of potential vulnerabilities are available through both built-in and user-defined rules. Moreover, the dashboard provides operators with great flexibility in terms of choosing which protocol they would like to monitor and protect, which set of communication sessions and endpoints they would like to pay attention to, and which rules they would like to apply. ProtocolPatroller provides the ability to display only sub-nets for large networks. It graphically maps communication flows between each endpoint pair—not only at the network (IP) layer, but at application protocol layers—to discern different communication flows between devices. Anchor Element Copy for linking on the same page:
https://www.peratonlabs.com?data-scroll-to-anchor=features
Copy for linking from an external page:
https://www.peratonlabs.com?data-anchor-link=features
FeaturesCybersecurity protection across a wide range of threats and SCADA protocols including:
ProtocolPatroller deployment is available in two modes:
Anchor Element Copy for linking on the same page:
https://www.peratonlabs.com/?data-scroll-to-anchor=Advantages
Copy for linking from an external page:
https://www.peratonlabs.com/?data-anchor-link=Advantages
Advantages
Anchor Element Copy for linking on the same page:
https://www.peratonlabs.com?data-scroll-to-anchor=resources
Copy for linking from an external page:
https://www.peratonlabs.com?data-anchor-link=resources
ResourcesRead moreAnchor Element Copy for linking on the same page:
https://www.perspectalabs.com/?data-scroll-to-anchor=links
Copy for linking from an external page:
https://www.perspectalabs.com/?data-anchor-link=links
Research, services and products of interestResearch
Services
ProductsSecureSmart™ solution line:
Anchor Element Copy for linking on the same page:
https://www.peratonlabs.com?data-scroll-to-anchor=requestinfo
Copy for linking from an external page:
https://www.peratonlabs.com?data-anchor-link=requestinfo
|