ProtocolPatroller

Our products > Critical infrastructure > ProtocolPatroller

ProtocolPatroller

Industry’s first ICS cybersecurity monitoring and anomaly detection solution for protocol protection

Utilities experience thousands of increasingly sophisticated cyberattacks on industrial control systems (ICS) in general, and supervisory control and data acquisition (SCADA) systems, in particular. Remote access vulnerabilities can go undetected for months—posing an extraordinary threat to critical infrastructure security.

SecureSmart™ ProtocolPatroller provides continuous cyber monitoring and anomaly detection via sophisticated, protocol-specific security capabilities for smart grid, SCADA and other ICS applications. ProtocolPatroller offers cyber protection for a wide range of SCADA protocols and its modular design enables easy extension to protect additional ICS SCADA protocols. Using robust checkers, ProtocolPatroller detects ongoing attacks—including zero-day attacks—and alerts operators through a user-friendly dashboard. When used in the in-line protection mode, ProtocolPatroller can perform predetermined actions to stop ongoing attacks.

ProtocolPatroller software can be co-hosted as well as reside in a customer’s existing IT hardware or software platforms. Co-hosting can occur at gateways (e.g., in data centers or control centers), customers and servers (e.g., Inter-Control Center Communications Protocol or ICCP nodes, smart meter data collection engines), Intelligent Electronic Devices (IED), or even in a service cloud. Hosting is also available as a dedicated platform.

The monitoring and filtering of potential vulnerabilities are available through both built-in and user-defined rules. Moreover, the dashboard provides operators with great flexibility in terms of choosing which protocol they would like to monitor and protect, which set of communication sessions and endpoints they would like to pay attention to, and which rules they would like to apply.

ProtocolPatroller provides the ability to display only sub-nets for large networks. It graphically maps communication flows between each endpoint pair—not only at the network (IP) layer, but at application protocol layers—to discern different communication flows between devices.

Anchor Element

Copy for linking on the same page:

https://www.perspectalabs.com?data-scroll-to-anchor=features

Copy for linking from an external page:

https://www.perspectalabs.com?data-anchor-link=features

Features

Cybersecurity protection across a wide range of threats and SCADA protocols including:

SCADA Distributed Network Protocol (DNP3)
Inter-Control Center Communications Protocol (ICCP)
Synchrophasor Protocol C37.118
Advanced metering infrastructure (AMI) Data Transport Protocol C12.22
Substation Automation 61850-GOOSE
IP and HTTP
Modular design supports easy extension to additional SCADA protocols

ProtocolPatroller deployment is available in two modes:

Sniff mode: real-time monitoring, analysis, detection and alerting via user-friendly operator dashboard
In-line protection mode: provides all the functionality of sniff mode along with the ability to terminate ongoing attacks via prescribed attack vector rules and responses

Anchor Element

Copy for linking on the same page:

https://www.perspectalabs.com/?data-scroll-to-anchor=Advantages

Copy for linking from an external page:

https://www.perspectalabs.com/?data-anchor-link=Advantages

Advantages

Industry-leading, high-value SCADA protocol protection capability
Deep-packet inspection
Protocol-specific stateful model-checkers
Easily extendable to common SCADA protocols
Field proven in the smart grid utility industry
Flexible, easy to use operator dashboard

Anchor Element

Copy for linking on the same page:

https://www.perspectalabs.com?data-scroll-to-anchor=resources

Copy for linking from an external page:

https://www.perspectalabs.com?data-anchor-link=resources

Resources

ProtocolPatroller overview sheet (PDF)

Anchor Element

Copy for linking on the same page:

https://www.perspectalabs.com/?data-scroll-to-anchor=links

Copy for linking from an external page:

https://www.perspectalabs.com/?data-anchor-link=links

Research, services and products of interest

Research

Cybersecurity research: innovations to protect mission-critical networks, services, systems and infrastructure
Machine learning and data analytics research: breakthrough artificial intelligence / machine learning capabilities

Services

Industrial control systems and IoT security: patented solutions to protect ICS, low-power WANs, IoT and SCADA systems for energy, utilities and smart cities
Intelligent transportation system and security: full life cycle support for deployment of secure, resilient communications technology in transportation infrastructure
Smart grid field analysis: sophisticated services to efficiently resolve operational problems, troubleshoot service failures and validate security controls

Products

SecureSmart™ solution line:

Continuous monitoring as a service (CMaaS): real-time cyber defense for critical infrastructure, field area networks, energy systems and smart cities
Cyber emissions monitor: anomaly detection based on non-intrusive monitoring of unintentional RF emissions
EnergyDefender: comprehensive critical infrastructure and industrial control systems defense
Jolt: protection against sophisticated power grid attacks via intelligent telemetry defense

Anchor Element

Copy for linking on the same page:

https://www.perspectalabs.com?data-scroll-to-anchor=requestinfo

Copy for linking from an external page:

https://www.perspectalabs.com?data-anchor-link=requestinfo

Request more information