
Proprietary Information – Copyright © 2011 by Waterfall Security Solutions Ltd.

Waterfall Security Solutions Ltd.

Introduction to Waterfall

Unidirectional Security Gateways:

True Unidirectionality, True Security

Date: August, 2012



Legal Notice & Disclaimer

This document contains text, images and other information and/or materials which are proprietary to Waterfall Security Solutions Ltd., and constitute valuable intellectual property of Waterfall Security Solutions Ltd., protected by applicable patent, copyright and trade secret laws and by international treaty provisions. This document shall not be used in any manner that violates or misappropriates or could result in a violation or misappropriation of intellectual property rights of Waterfall Security Solutions Ltd., including, without limitation, copyrights, trademarks, trade secrets and/or patent rights. Under no circumstances shall any ownership rights in the content of this document be asserted nor Waterfall Security Solutions Ltd.’s intellectual property rights be contested in any action or proceeding of whatever kind or nature, nor shall any action be taken that may prejudice, render generic, weaken or diminish the good will associated with Waterfall Security Solutions Ltd.’s intellectual property rights. Waterfall Security Solutions Ltd. reserves the right, without further notice, to pursue to the fullest extent permitted by law any and all criminal and civil remedies for the violations of its rights.

All information in this document is provided on an “AS IS” basis, and Waterfall Security Solutions Ltd. makes no warranties or representations and assumes no liability whatsoever as to the accuracy or completeness of the information presented in this document.

Any and all third party intangible and/or proprietary and/or intellectual property rights ("Third Parties’ Rights"), mentioned herein, whether registered or not, including, without limitation, patents, trademarks, service marks, trade names, copyrights and computer applications, belong to their respective owners.

Waterfall Security Solutions Ltd. disclaims any and all interest in all such Third Parties’ Rights. It is forbidden to copy, modify, amend, delete, augment, publish, transmit, create derivative works of, create or sell products derived from, display or post, or in any other way exploit or use such Third Parties’ Rights without the express authorization of their respective owners.

Except as specified herein, Waterfall Security Solutions Ltd. does not guarantee nor make any representations with regard to any and all third party tangible and/or intangible and/or proprietary and/or intellectual property ("Third Party Property") mentioned herein. Waterfall Security Solutions Ltd. does not endorse nor makes warranties as to the completeness, accuracy or reliability of such Third Party Property, and all such warranties are hereby expressly and strictly disclaimed.


Introduction

Historically, industrial sites were secured by so-called “air gaps.” Most control system networks were not connected to any public network at all, and so the spread of malware over connections from public networks to control networks was impossible, as was the remote control of industrial control systems by adversaries using public networks. That changed in the mid-1990s – operators of these sites learned there were significant profits possible from the use of real-time inventory data, equipment usage data and other information drawn from control systems. Sites started connecting their control system networks to their corporate networks, exposing the formerly isolated control networks to attack. For the last decade, securing these connections between control networks and external networks has received steadily increasing attention.

In the last 24 months, high-profile "advanced persistent threat" attacks have successfully compromised an appalling number of seemingly well-secured critical infrastructures and utilities, as well as military, government and corporate networks. Imagine learning that parts of your safety-critical control system are under the thumb of adversaries on the other side of the planet.

In response to these trends, corporate security teams increasingly deploy Waterfall’s Unidirectional Security Gateways. A Unidirectional Gateway is simple in concept - a transmitting (TX) appliance in the control system network contains a laser, and a receiving (RX) appliance in the corporate network contains a photocell. The TX can send to the RX, but not vice-versa.

The gateways push real-time data to the corporate network where the business functions of the industrial site need it, but no attacks, no viruses, nothing at all in fact, can get back through the gateway hardware to influence or threaten the control system. Contrast this with firewalls, which are software systems. The software in firewalls looks at every message trying to pass through, and decides whether to let it pass. Every software has vulnerabilities and advanced threats exploit those vulnerabilities. Unidirectional Gateways are not vulnerable to such attacks – the security is at the physical level. There are no return channels in the hardware.

Waterfall’s Unidirectional Gateways are deployed routinely in arenas where security is paramount – industrial and production networks of critical infrastructures. For example, the latest Nuclear Energy Institute guidelines for the cyber security of reactor control networks give two choices: either no connections at all across the perimeter of the most sensitive networks, or unidirectional connections only. Other industries are taking note. No one wants to put at risk a power grid, a water treatment plant, an oil pipeline, or a chemical plant.

Think about the consequences of two recent industrial disasters the nation and the world have seen: the Gulf oil spill and the tsunami at the Fukushima reactors. Now consider that advanced threats regularly compromise the best-protected corporate and control system networks. Put this together and utilities increasingly conclude the risk is unacceptable. Utilities and industrial sites are looking seriously at once more isolating their control networks. Unidirectional Gateways provide the same protections as complete network isolation, without cutting off access to the most valuable real-time data.

True Unidirectionality

The Waterfall Unidirectional Gateway is a true unidirectional system, composed of a TX hardware appliance and an RX hardware appliance connected solely by a single fiber-optic cable.

The TX appliance contains a laser, but no photocell, and so can transmit information over the fiber-optic cable, but is physically incapable of receiving any information from the cable. The RX appliance contains a photocell, but no laser. The RX appliance is therefore physically incapable of sending any information to the TX appliance over the fiber-optic cable. The system is referred to as a “unidirectional medium.” Information passes from the TX appliance to the RX appliance exclusively.

Unidirectional Gateways provide a way to send application data out of critical networks, while protecting the integrity of the critical network by segregating it from any external networks. This absolute level of unidirectional communication eliminates all online network attacks originated from an external network, since no communication, “good” or “bad”, including attack packets, viruses, or information of any sort can pass from the external network hosting the RX appliance back to the sending network hosting the TX appliance.

In 2009, Idaho National Labs (INL) assessed the Waterfall Unidirectional Gateway technology in depth and concluded:

The assessment verified that the Waterfall system provides one-way communications between two different security zones. The physics of the system prevent any data transmission from the low security enclave to the high security enclave. Waterfall’s methodology of protecting an industrial network from an external connection to a lower security zone was verified by the assessment.

True Security

The unique Waterfall architecture restores to industrial sites the benefits of time-tested, air-gapped network designs, without sacrificing modern business requirements for access to accurate and timely data from real-time systems. Specifically, a Waterfall solution configured as recommended provides:

- Complete isolation from external threats – nothing - not data, commands, or even protocol signaling from the outside can enter a protected network over Unidirectional Security Gateways. The gateway is physically incapable of transferring anything “back” from the external network.

- Complete protection against external cyber-attacks – when an attacker on an external network attempts access through a Waterfall security gateway to a protected network to take remote control of cyber assets, that attack fails.

- Complete protection from external denial of service attacks against protected assets – when an attacker on an external network tries to transmit traffic through the Waterfall Unidirectional Gateway to impair the operation of control system assets, none of those packets arrive on the control system network. The gateway hardware is incapable of transmitting anything back to the control system.

- Complete protection from sophisticated worms and other malware which propagate across networks. No set of un-patched, zero-day or other vulnerabilities can cause the receiving gateway hardware to transmit malware or other information into the protected network.

- Protection from malware which takes instructions from command and control servers over public networks. Much modern malware is designed to be under the continuous control of central servers on the open internet. However, the one-way appliances make it impossible to receive commands from command and control servers on untrusted networks.

In addition, it should be noted that a preferred tactic of Advanced Persistent Threats and other sophisticated threats is remote-control attacks. While Unidirectional Gateways do not address all possible security threats at a site, they do eliminate entirely the risk of a remote control attack or other network-based attack on protected assets from external networks via the Unidirectional Gateways.

Standards and Regulatory Compliance

Waterfall Unidirectional Security Gateways have been assessed against many industrial cyber security regulations, including: NIST 800-53, NERC-CIP and NEI 08-09 standards. The gateway solutions directly address many requirements related to network segmentation, network access protections and remote access controls. Indirectly, the gateway solutions substantially simplify overall security programs, because they are simpler and more secure than conventional firewalls.

Pass-through user accounts, open ports, access logging, denied access attempt logging, and many other concepts either do not apply at all to Unidirectional Gateway solutions, or are substantially simplified when gateways are deployed. As a result:

- Total security program documentation volumes tend to be reduced,

- Internal audit costs are reduced: there is less documentation to check, the security configurations are simpler and so faster to audit, and there are fewer logs to examine,

- There are no remote access logs or attempted remote access logs to examine – no remote control of protected assets is possible, nor are such access attempts,

- Periodic vulnerability assessment costs are reduced, because there are no complex firewall configurations to examine for communications paths an attacker might use, and

- External audit costs are reduced, because fewer logs, less documentation and simpler security configurations mean external auditors need to spend fewer escorted days on site.

Finally, training costs are reduced with Unidirectional Gateways as well. Conventional firewall training requires up to several weeks of full-time instruction. Conventional firewalls have many features and are difficult to keep configured correctly and safely. Unidirectional Gateway training is typically one to two days long, depending on the solutions deployed, and is carried out on site, during installation. Errors in the configuration and maintenance of Unidirectional Gateways do not lead to compromise of protected systems. If the gateway solution is moving data out of your protected network, then it is by definition configured so that no attack can reach your protected assets.

Detailed whitepapers, including detailed information regarding the assessment of the Waterfall Unidirectional Security Gateways for NIST 800-53, NERC-CIP and NEI 08-09 are available.

Unidirectional Gateway Software

Waterfall Security’s Unidirectional Gateways generally do not attempt to emulate bidirectional or routable protocols over unidirectional media. Instead, they extract data and pass it out to a destination application. The most common configuration of Unidirectional Gateways is as illustrated in Figure (1). The solution consists of a pair of software applications running on conventional computers, and two specialized unidirectional appliances. The “gather/TX” application gathers information from systems on a protected network and transmits this information over the unidirectional subsystem. The “publish/RX” application publishes the information to other systems on an external network.

Figure (1): Data Movement Application
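The gather/TX and publish/RX split of Figure (1), as an added Python model that is not Waterfall's code or wire protocol: it assumes a simple sequence-number-plus-CRC framing and a publish side that can only log gaps and corrupt frames, because an RX appliance with no laser has no way to ask for a retransmission; every name, the frame layout and the sample records are hypothetical.

```python
import struct
import zlib

# Constructed model of the gather/TX -> publish/RX architecture of Figure (1);
# an added illustration, not Waterfall's software. Frame format, gap policy and
# all names are assumptions.
HEADER = struct.Struct("!IHI")  # sequence number, payload length, CRC-32

def frame(seq, payload):
    # TX side: each record carries a sequence number and a CRC, because the
    # receiver has no channel on which to say "send that again"
    return HEADER.pack(seq, len(payload), zlib.crc32(payload)) + payload

def unframe(data):
    # RX side: returns (seq, payload), or None when the CRC does not match
    if len(data) < HEADER.size:
        return None
    seq, length, crc = HEADER.unpack_from(data)
    payload = data[HEADER.size:HEADER.size + length]
    return (seq, payload) if len(payload) == length and zlib.crc32(payload) == crc else None

class TxAppliance:          # laser only: can append to the medium, never read it
    def __init__(self, medium): self._medium = medium
    def send(self, data): self._medium.append(data)

class RxAppliance:          # photocell only: deliberately has no send() at all
    def __init__(self, medium): self._medium = medium
    def receive(self): return self._medium.pop(0) if self._medium else None

class GatherApp:            # terminates the routable session with the source
    def __init__(self, tx): self._tx, self._seq = tx, 0
    def poll_and_forward(self, source):
        for record in source():   # e.g. rows polled from a historian
            self._tx.send(frame(self._seq, record))
            self._seq += 1

class PublishApp:           # reassembles the stream; gaps are logged, never re-requested
    def __init__(self, rx): self._rx, self._expected, self.records, self.events = rx, 0, [], []
    def drain(self):
        while (raw := self._rx.receive()) is not None:
            parsed = unframe(raw)
            if parsed is None:
                self.events.append("corrupt frame dropped")
                continue
            seq, payload = parsed
            if seq > self._expected:
                self.events.append(f"gap: {seq - self._expected} frame(s) lost")
            self._expected = seq + 1
            self.records.append(payload)
        return self.records

def demo(drop=None, corrupt=None):
    medium = []   # stands in for the single fiber-optic cable
    gather, publish = GatherApp(TxAppliance(medium)), PublishApp(RxAppliance(medium))
    gather.poll_and_forward(lambda: [b"tank1=42.0", b"tank2=17.5", b"pump=ON"])
    if corrupt is not None:
        medium[corrupt] = medium[corrupt][:-1] + b"?"   # damage the last payload byte
    if drop is not None:
        del medium[drop]   # a frame lost in transit, which the RX can only notice
    return publish.drain(), publish.events
```

Losing or damaging a frame leaves the publish side with a logged event and nothing else; the only remedy available is for the gather side to resend state on its own schedule.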

The “gather/TX” application gathers data from a specific server or application on the protected network using conventional, bi-directional, routable protocols. Routable communications sessions on the source network terminate in the “gather” application. On the other side of the
