Cybersecurity company Kaspersky has partnered with operational technology (OT) security company Waterfall Security to deliver improved security with safe and modern analysis of industrial networks and traffic to detect anomalous usage patterns and suspicious activities.
Using Kaspersky Industrial CyberSecurity for Networks in tandem with Waterfall Security for Intrusion Detection Systems, users will be able to access non-intrusive industrial network inventory, threat detection and hardware-enforced protection from network attacks. The joint solution delivers industrial network traffic inspection and deep packet inspection (DPI), while providing OT networks with hardware-enforced unidirectional protection for safe and reliable operations.
The joint solution has been deployed, tested and certified for compatibility and interoperability at Kaspersky’s laboratory in Jerusalem. A joint team of Waterfall and Kaspersky engineers carried out extensive compatibility verification tests on Kaspersky Industrial CyberSecurity for Networks (KICS for Networks) and the Waterfall for Intrusion Detection Systems (Waterfall for IDS) products, the companies said in a press statement. The Waterfall for IDS hardware is physically not able to pass any signal whatsoever back into an OT network from any external network, it added.
The integrated offering allows OT networks to extend the visibility of security and network operations centers into industrial control system networks, enable safe, up-to-date analysis of industrial control system network traffic for anomalous and suspicious activities, and delivers confidence to connect ICS networks into monitoring, analysis and alerting infrastructures.
It is also fully passive, so as not to disrupt sensitive OT devices and networks, while providing safe and comprehensive cybersecurity monitoring designed for OT networks, according to the companies. The offering transparently protects OT networks from IT networks without disrupting OT systems, and enables a single IT/OT pane of glass to see and manage security and physical operations.
Waterfall for IDS enables network intrusion sensors to monitor OT and ICS networks without risk to the monitored networks. Waterfall for IDS unidirectional hardware emulates OT mirror and SPAN ports to network intrusion sensors on IT networks, according to a joint solution brief released by the companies. With Waterfall for IDS in place, industrial enterprises can host OT sensors on IT networks where the sensors are managed and updated by central SOC analysts, without risk to physical operations, the companies added.
Waterfall for IDS is a hardware-enforced, physical barrier that prevents remote attacks, malware, DOS attacks, ransomware, and human errors, originating on IT networks, from compromising or impairing physical operations, while enabling seamless interoperability with intrusion detection system platforms.
The KICS for Networks is an OT network monitoring and visibility solution, delivered as software or as a virtual appliance, passively connected to the ICS network. It detects anomalies and intrusions inside ICS networks in their early stages, and ensures the necessary actions are taken to prevent any negative impact on industrial processes, the joint solution brief said. KICS for Networks technologies include asset discovery, inspection of industrial protocols, network integrity and command control, and intrusion detection system. The offering’s interface displays a live dashboard and a network map, allowing working with assets and security events.
“Extending the visibility of security and network operations centers into industrial control system networks is often the first step taken by enterprise security teams tasked with securing industrial networks,” said Ran Pedhazur, Waterfall Security’s chief business development officer at Waterfall Security Solutions.
“The certified compatibility of Waterfall and Kaspersky solutions will give our customers the confidence to connect industrial networks into monitoring, analysis and alerting infrastructures with additional levels of OT perimeter protection,” said Sergey Paltov, Solution Architecture Group Manager, Kaspersky Industrial Cybersecurity.
In October, Waterfall Security joined with OT security vendor Industrial Defender to secure OT networks, industrial operations and critical infrastructures. This collaboration unites Industrial Defender’s breadth of security, change detection and compliance data with Waterfall’s unidirectional security gateways, to transmit asset data from control systems to cybersecurity teams.