iSID - Industrial Threat Detection

Overview

Radiflow’s iSID Industrial Threat Detection System for SCADA networks is a server-based software that analyzes the OT network traffic in order to protect against cyber threats.

iSID combines two distinct competences: SCADA/ICS modeling and Anomaly detection. It receives a parallel (mirrored) stream of all network traffic and analyzes it to both generate and display a network topology model, and serve as a baseline for detecting exceptions indicating unauthorized traffic.

iSID’s functionality can be further enhanced through integration with third-party solution providers’ offerings, including Production Database (Historian) Value Analysis from Aperio and Vulnerability Intelligence from dark-web sources by Sixgill

 

Six detection engines:

Network Visibility
  • Self-Learning of the SCADA network topology
  • Passive Scanning and optional Active Scanning
  • View events from the entire network (with optional filtering)
Maintenance Management
  • Central Management of maintenance operations
  • Policy configuration for specific time slots
  • Auditing for all activities performed during maintenance
Cyber Attacks
  • Known PLC vulnerabilities
  • Known Protocol vulnerabilities
  • Sensitive commands
Policy Monitor
  • Policy Monitor on every link (Detection mode)
  • Integration with Radiflow Gateway for policy enforcement.
  • Central Management of Radiflow Gateways.
Anomaly Detection
  • Learning device Sampling time
  • Passive Machine Profiling
  • Detecting abnormal memory access to devices
Measuring Operational Behavior
  • Detecting abnormal Delays in the link
  • Detecting abnormal rate of packet dropping
  • Detecting abnormal rate of retransmit
Download Datasheet

[powr-contact-form id=43626c73_1531164633]