SCADAfence Platform offers a wide range of cutting-edge capabilities built from the ground up to monitor large-scale complex OT networks.
Monitor Tens of Thousands
SCADAfence Platform has no limit to the number of assets supported by our detection engines and the user interface can display information on tens of thousands of assets and sessions. Unlike the Purdue model, our network map has been purposely designed to easily display a very large amount of assets, with several levels of drill-down into each asset’s relevant and detailed information. SCADAfence’s automatic asset discovery provides a rich set of details, including, model number, firmware version and potential risks.
100% Packet Processing Engine
SCADAfence Platform never misses a packet. Its optimized core and best-in-class packet processing speed provides outstanding security coverage for your network. Unlike other industry solutions, no traffic filtering and no traffic sampling are applied. Therefore, everything is continuously inspected – down to the last bit. The SCADAfence Platform was designed to scale – so there is no limit to the number of communication sessions monitored in parallel.
Holistic Operational Alerts
and Network Health
A holistic view, includes cyber security and operational status. The system tracks many metrics, including service malfunctions, traffic latency, asset malfunctions that are often due to human error, and PLC errors and their exceptions.
SCADAfence Platform performs full, deep packet inspection for both IT and OT protocols. The SCADAfence research team is dedicated to maintaining up-to-date knowledge of industrial protocols in their various versions, as well as vendor-specific customizations. SCADAfence maintains a world-class industrial lab, built by a team that specializes in the design and construction of state-of-the-art plants and operational networks. The lab runs equipment that includes many types of PLCs, HMIs, vendor-specific engineering software, protocol converters, and I/O modules.
SCADAfence Platform learns the behavior of your specific network, and then detects deviations from the baseline behavior. The system avoids the use of hard-coded parameters that may not be a good fit for your network – either too tight, resulting in false positives, or too loose, allowing illegitimate behavior. Instead, behavioral baselines are automatically learned and configured by network behavior parameters such as noise levels and event types. SCADAfence Platform learning capabilities are granular in nature, adjusting learning methodologies per host and per behavior type. In addition, the system adjusts the behavioral baseline based on user feedback, and not just by network events.
SCADAfence employs powerful pattern detection techniques in order to detect a wide variety of cyber attacks and other malicious behaviors. The system applies knowledge of best practices in industrial networks, raising alerts when network parameters exceed normal bounds. Our analytics allow you to apply user-defined rules to enforce company security policies, as well as fine-grained tuning with industry best-practice.
As a leading open-system developer, SCADAfence supports many industry-standard inbound and outbound APIs, allowing our Platform to easily work with a wide range of systems, including threat intelligence feeds and signature-based repositories. SCADAfence Platform’s easy integration facilitates external control, provides a complete picture of any attack, and enables quick, efficient incident response. It also supports the addition of optional prevention capabilities (such as enforcement/NAC/blocking).