Employee+

SCADA security using firewall policies.pdf

 

In SCADA and ICS environments, each and every system component is characterized by a specific role, having unique network behavior in relation to the other system components.

  • The SCADA server will manage communication with the RTUs and PLCs, will provide services to the working stations, and will manage writing to the historian server.
  • PLCs and RTUs communicate with the SCADA server and are occasionally connected to by engineering stations.
  • Working stations connect to the SCADA server and don’t require connectivity to any of the other system components.
  • The historian server database gets write commands from the SCADA server, and the data is read by operational intelligence solutions for report generation.

Due to this relatively simple network behavior, it is possible to use firewall policies to alert on and even block unauthorized activities, and as a result significantly enhance the system security.

A few examples:

We would like to authorize communication in the Modbus protocol between the SCADA server and the PLCs, and communication between the SCADA server and the historian server.

At the same time, we want to ban any communication between the workstation and the PLCs and historian server. In this situation, even if the workstation is infected by malware that attempts to communicate with the PLCs and the historian server, the attempt will fail and the traffic will be blocked.

0 Kudos
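The policy described in the post above, modelled as an added example (not part of the original post and not Check Point rule syntax): a first-match rule base with a default-deny cleanup rule, evaluated over constructed flows. The IP addresses and the historian and workstation service ports are assumptions; TCP 502 is the standard Modbus/TCP port.

```python
import ipaddress
from typing import NamedTuple, Optional
# Constructed addressing plan (assumption, not from the post).
ROLES = {
    "scada_server": ipaddress.ip_network("10.10.1.10/32"),
    "plcs": ipaddress.ip_network("10.10.2.0/24"),
    "workstations": ipaddress.ip_network("10.10.3.0/24"),
    "historian": ipaddress.ip_network("10.10.4.20/32"),
}

class Rule(NamedTuple):
    src: str              # role name or "any"
    dst: str
    proto: str            # "tcp", "udp" or "any"
    port: Optional[int]   # None matches any port
    action: str

# First match wins; connections are matched on who initiates them
# (a stateful firewall admits the return traffic of accepted flows).
POLICY = [
    Rule("scada_server", "plcs", "tcp", 502, "accept"),          # Modbus/TCP
    Rule("scada_server", "historian", "tcp", 1433, "accept"),    # DB port (assumed)
    Rule("workstations", "scada_server", "tcp", 443, "accept"),  # HMI port (assumed)
    Rule("workstations", "plcs", "any", None, "drop+alert"),
    Rule("workstations", "historian", "any", None, "drop+alert"),
    Rule("any", "any", "any", None, "drop"),                     # cleanup: default deny
]

def in_role(ip: str, role: str) -> bool:
    return role == "any" or ipaddress.ip_address(ip) in ROLES[role]

def evaluate(src: str, dst: str, proto: str, port: int):
    """Return (rule number, action) for a new connection."""
    for number, rule in enumerate(POLICY, start=1):
        if (in_role(src, rule.src) and in_role(dst, rule.dst)
                and rule.proto in ("any", proto) and rule.port in (None, port)):
            return number, rule.action
    return None, "drop"  # not reached while the cleanup rule is present

# Constructed flows: (source, destination, protocol, destination port).
FLOWS = [
    ("10.10.1.10", "10.10.2.15", "tcp", 502),   # SCADA server polls a PLC
    ("10.10.3.7", "10.10.2.15", "tcp", 502),    # workstation tries Modbus to a PLC
    ("10.10.3.7", "10.10.4.20", "tcp", 1433),   # workstation tries the historian
    ("10.10.1.10", "10.10.2.15", "tcp", 22),    # SCADA server, non-Modbus port
]

def alerts(flows):  # blocked flows that should raise an alert
    return [f for f in flows if evaluate(*f)[1] == "drop+alert"]
```

The explicit workstation rules exist only to attach an alert; without them the cleanup rule would still drop the same traffic silently.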
6 Replies

Re: SCADA security using firewall policies.pdf

Thanks for the information. I tried to open the document using Capsule Docs, but the document is protected.

0 Kudos
Employee+

Re: SCADA security using firewall policies.pdf

Hi Pablo,

Are you a Check Point employee? I reconfirmed and the document is open to all Check Point employees.

If you still face a problem opening the document, please share your email address with me and I will send you the document.

0 Kudos

Re: SCADA security using firewall policies.pdf

Hello, I'm not a Check Point employee, just currently working at a Latam distributor. Thanks for sharing this info.

0 Kudos
Employee+

Re: SCADA security using firewall policies.pdf

This explains the reason why you can't open the document.

In SCADA and ICS environments, each and every system component is characterized by a specific role, having unique network behavior in relation to the other system components.

  • The SCADA server will manage communication with the RTUs and PLCs, will provide services to the working stations, and will manage writing to the historian server.
  • PLCs and RTUs communicate with the SCADA server and are occasionally connected to by engineering stations.
  • Working stations connect to the SCADA server and don’t require connectivity to any of the other system components.
  • The historian server database gets write commands from the SCADA server, and the data is read by operational intelligence solutions for report generation.

Due to this relatively simple network behavior, it is possible to use firewall policies to alert on and even block unauthorized activities, and as a result significantly enhance the system security.

A few examples:

We would like to authorize communication in the Modbus protocol between the SCADA server and the PLCs, and communication between the SCADA server and the historian server.

At the same time, we want to ban any communication between the workstation and the PLCs and historian server. In this situation, even if the workstation is infected by malware that attempts to communicate with the PLCs and the historian server, the attempt will fail and the traffic will be blocked.

0 Kudos

Re: SCADA security using firewall policies.pdf

Hi Shlomi. I can't open it either. My email is galvarez@checkpoint.com. Thanks

0 Kudos
Admin

Re: SCADA security using firewall policies.pdf

The document is actually the same as the content Shlomi shared already.

0 Kudos