MUSE CYBER SECURITY SUITE
MUSE™ CYBER SECURITY SUITE
COMPREHENSIVE PROTECTION FOR CRITICAL INFRASTRUCTURE

Protecting critical infrastructure from cyber-attacks is a particularly complex challenge. You must defend operational technologies (OT), and be able to discern tangible threats from a multitude of reported events. ECI’s Muse Cyber Security Suite meets these challenges head-on.

SHIELD unifies multiple cyber security functions into a consolidated form factor and prevents OT cyber-attacks at any CI facility, well before they can cause any harm. SHIELD incorporates industry-leading SCADA anomaly detection, a Secure Gateway, Encryption, and more.

COMPASS is an intelligent, centralized system that eliminates the guesswork when identifying and managing CI cyber security threats. It collects, validates, correlates, and analyzes information generated by SHIELD, presenting threat insights in a visually intuitive and actionable manner.

Prevents attacks at facility points of access
Event correlation zeroes in on real threats
Low TCO by combining security with connectivity
Full OT security coverage

UNIQUE CHALLENGES IN PROTECTING CRITICAL INFRASTRUCTURE

In the past, industrial control systems were isolated from less secure areas, such as corporate networks and the Internet. Consequently, gapping and physical security measures were sufficient for securing these systems. Eventually, organizations connected their SCADA networks with other networks in order to cut costs and share operational information. But by eliminating this separation of systems, the control networks became exposed to hackers.

While traditional security solutions provided some level of protection, these were often deployed in a piecemeal, uncoordinated fashion with gaps in coverage. Moreover, they overstretched cyber teams, making them deal with all possible threats and the sheer amount of alerts generated. It became critical to reduce the overwhelming quantity of notifications, warnings, and false-positive alarms to allow cyber teams to focus on real threats in real-time to prevent breaches and attacks.

MUSE CYBER SECURITY SUITE ARCHITECTURE

Muse addresses these challenges by providing a holistic cyber security solution for critical infrastructure and operational networks. It relies on two systems:

Muse COMPASS provides an aggregated view of calculated threats from the entire cyber security suite. It delivers threat severity grading, based on correlating events from multiple security functions, enabling effective allocation of professional expertise.

Muse SHIELD provides attack mitigation at the communication points-of-access to CI facilities, and feeds COMPASS with events, logs, and Deep-Packet-Inspection (DPI) information. In turn, COMPASS guides SHIELD policies on how to handle various patterns and signatures of packet flows.

MUSE COMPASS™

An intelligent centralized system, COMPASS eliminates the guesswork in identifying and managing CI cyber security threats. It collects, validates, correlates, and analyzes information from Muse SHIELD, presenting threat insights in a visually intuitive and actionable manner.

COMPASS lets your team focus on real threats, in real time, making better use of your existing headcount. A simple click on an aggregated alert allows you to analyze events from multiple security functions. A clean, easy-to-follow multiple-event timeline is displayed, enabling the user to drill down to discover and pinpoint threat root causes.

COMPASS enables future-proof growth and flexibility, by adding/removing third-party modules and aggregated components, such as threat databases, open source intelligence, and existing SIEM systems.

MUSE SHIELD™

Unifying multiple cyber security functions into a consolidated form factor, SHIELD stops OT cyber-attacks at the communications point-of-access to any CI facility, before they can cause harm. SHIELD provides:

SCADA ANOMALY DETECTION

Muse SCADA AD automatically discovers the assets across your OT networks and scrutinizes network traffic. It learns the finite set of connections, conversations, and commands, creating a fine-grain behavioral system baseline that characterizes legitimate traffic behavior for each asset in the network. Advanced algorithms are then applied to the system baseline to detect anomalies that may indicate an attack or another problem.

These analyses offer important insights about network hygiene, configuration issues, and vulnerable assets, generating actionable alerts that are clear, consolidated, and context-rich. The alerts provide security and control teams with rapid situational awareness of potential and actual process disruptions, enabling them to respond to events and maintain the safety and reliability of industrial processes quickly and efficiently.

SECURE GATEWAY

The multilayer protection Secure Gateway suite includes NextGen-Firewall, Application Control, as well as IPS and Network-Antivirus. The Secure Gateway segregates the different OT LANs. This way, attacks cannot propagate to other locations in the network and lateral movement is blocked.

ENCRYPTED COMMUNICATIONS

L2/L3 encryption protects data flows between a pair of SHIELDs. It also supports network-level peer authentication, data origin authentication, data integrity, and data confidentiality (encryption).

COMPREHENSIVE PROTECTION FOR CRITICAL INFRASTRUCTURE

CURRENT CHALLENGES: Separate systems for attack mitigation and threat detection
MUSE CYBER SECURITY VALUE: Muse provides a comprehensive integrated solution for protecting the OT encompassing SHIELD attack mitigation and COMPASS threat detection.

CURRENT CHALLENGES: Limited visibility of the operational technology (OT)
MUSE CYBER SECURITY VALUE: COMPASS provides automatic discovery, presentation, and validation of the network topology of all SCADA devices.

CURRENT CHALLENGES: Ensuring system integrity, that all commands and control functions are genuine and correct
MUSE CYBER SECURITY VALUE: COMPASS validates OT network on the assumption that it has been breached and that SCADA C&C may be altered by an intruder.

CURRENT CHALLENGES: Assessing parallel inputs from multiple security monitoring tools, where each tool supports a different security function
MUSE CYBER SECURITY VALUE: COMPASS aggregates threat analysis and consolidates, grades, and presents risks according to their severity and number of independent sources. It reduces false positives and negatives, increasing overall effectiveness.

CURRENT CHALLENGES: Long intervals for conducting investigations, due to collection of information from multiple security tools and sources
MUSE CYBER SECURITY VALUE: COMPASS aggregates, stores, and makes all security information easily accessible from a central repository, speeding up threat evaluation and response.

CURRENT CHALLENGES: Network connectivity and network security are detached
MUSE CYBER SECURITY VALUE: SHIELD consolidates connectivity with security, creating a streamlined, low-cost, high-reliability architecture.

CURRENT CHALLENGES: Multiple security mitigation functions from multiple vendors
MUSE CYBER SECURITY VALUE: SHIELD consolidates multiple pre-certified best-of-breed security functions on a single form factor, covering SCADA anomaly detection, encryption, and a Secure Gateway.

CURRENT CHALLENGES: New cyber security threats drive new security tools on separate solutions
MUSE CYBER SECURITY VALUE: SHIELD is an open cyber security platform, capable of implementing additional security functions.

Contact us to discover how Muse™ can secure your critical infrastructure from cyber attacks

ABOUT ECI

ECI is a global provider of ELASTIC network solutions to CSPs, utilities as well as data center operators. Along with its long-standing, industry-proven packet-optical transport, ECI offers a variety of SDN/NFV applications, end-to-end network management, a comprehensive cyber security solution, and a range of professional services. ECI's ELASTIC solutions ensure open, future-proof, and secure communications. With ECI, customers have the luxury of choosing a network that can be tailor-made to their needs today – while being flexible enough to evolve with the changing needs of tomorrow. For more information, visit us at www.ecitele.com

Copyright © 2018 ECI. All rights reserved. Information in this document is subject to change without notice. ECI assumes no responsibility for any errors that may appear in this document.