The Westermo Webinar ( Defend your network from unauthorized access ) has held on April 17. Perimeter protection and spoofing protection are vital layers of defense against cyber attacks. Using a configuration management tool, such as WeConfig NCM, perimeter firewalls are relatively simple to implement. However, these physical and logical shells can be bypassed, with infections brought inside the protected barrier by people residing on the trusted network. In addition, some intrinsic weaknesses to the IP stack specifications (not containing integrity checks) make it possible for an attacker to intercept communications unnoticed by masquerading devices to look like they are existing and legitimate devices (spoofing).
In this short Webinar, Westermo’s Cyber Security Product Manager Niklas Mörth and Network Applications Expert Jon-Olov Vatn will explain why perimeter protection must include outgoing traffic monitoring and port authentication.
In an industrial control system, where data flows are known and static, Westermo WeOS devices can monitor outgoing traffic at the boundary, and bad or unknown connection requests can be logged to an intrusion detection system. When new WeOS devices are connected to the network, the validity of the device can be checked. By implementing port identification, using 802.1x over RADIUS failed authentication attempts, which provide a good indication of a potential attack, can also be logged.