iSID - Industrial IDS

General Description

Radiflow’s iSID Intrusion Detection System (IDS) for SCADA networks is server-based software that analyzes OT network traffic in order to protect against cyber threats.

The iSID IDS combines two distinct competencies: SCADA/ICS modeling and anomaly detection. It receives a parallel (mirrored) stream of all network traffic and analyzes it to generate and display a network topology model, which also serves as a baseline for detecting exceptions that indicate unauthorized traffic.

Six detection engines:

Network Visibility

  • Self-Learning of the SCADA network topology
  • Passive Scanning and optional Active Scanning
  • View events from entire network (filtering optional)

Maintenance Management

  • Managing maintenance operations from a central place
  • Configuring policy for a short and specific time
  • Auditing all activities during maintenance

Cyber Attacks

  • Known PLC vulnerabilities
  • Known Protocol vulnerabilities
  • Sensitive commands

Policy Monitor

  • Policy monitoring on every link (detection mode)
  • Integration with the Radiflow Security Gateway makes it possible to enforce policies
  • Central management of Radiflow Gateways

Anomaly Detection

  • Learning device sampling time
  • Passive machine profiling
  • Detecting abnormal memory access to devices

Measuring Operational Behavior

  • Detecting abnormal delays on the link
  • Detecting abnormal packet drop rates
  • Detecting abnormal retransmission rates