Single End-to-End Security Platform
IGIN-EFS delivers a single platform for grid modernization with an inherent end-to-end security between the enterprise-level systems to the edge devices. The IGIN-EFS security is realized over virtually any IP/Serial telecommunication technology/network (e.g. fiber, microwave, copper, radio, mesh, cellular, narrowband, broadband, MPLS, etc.). This single end-to-end security platform seamlessly accommodates hybrid networks with multiple "wired" or wireless asynchronous links (e.g. IP - Serial - IP, IP - Serial - Serial - Serial, fiber - radio - radio - copper, etc.) The IGIN-EFS is an enabling technology that helps achieving CIP/FISMA cyber security compliance.
Some of the security capabilities include:
- IPSec VPN
- SSH / SFTP
- Disk encryption
- Serial port security
- SYN-flood attack protection
- End-to-end 256-bit AES encryption
- Dynamic encryption where each remote site has a unique security key
- Time Based Control Authentication
- Each Control is individually Password Protected
- Security certificate generation and management
- Unique application signature for firewall detection
- Firewall and intrusion detection at the field device
- Password protection for various system components
- Outbound only HMI data flow enabling one-way through firewall
- Encryption and authentication at the edge device level over serial or IP
- Intrusion detection at remote site (e.g. opening of enclosure doors, etc.)
- Implement CIP requirements such as alerting users if there are anomalies
- Edge device point chattering protection to avoid network congestion/collapse
- Connection to various authentication services such as LDAP, Radius, OTP, etc.
- Automatic reporting of CIP / FISMA cyber events to the CIP /FISMA Reporting and Compliance software
Contact DigitaLogic for your specific cyber security requirements as IGIN-EFS has the flexibility to be customized to your needs.