Honeywell ICS Shield

Honeywell ICS Shield exercises centralized operation of protection of operational technologies for security of the connected industrial management systems covering several physical platforms and the different automation equipment. A system also provides safe management of remote assets through the uniform operational center of security.

Business logic

• Visibility and detection
  • Auto-detection of assets
  • Collecting of configurations
  • Classification of assets
  • Change management
  • Visualization of assets

• Reliability and connection
  • AAA is remote access
  • Storage of passwords
  • The protected distributions of files and data transmission

• Compliance to requirements and protection
  • Corrections and updates
  • Collecting of logs of events
  • White/black lists of ports and services
  • Backup and recovery
  • Creation of special rules
  • Reports on compliance to requirements (compliance)

Infrastructure and services

• Secure channel
• Distributed architecture
• Manager politician
• Report generator

Software packages

• Essential — to Detect and connect by means of the protected remote access
  • The protected remote access
  • Two-factor authentication
  • Storage of passwords
  • Audit: reports and video playback
  • Primary detection of assets (optional software/service)

  � to Protect Enhanced by means of security updates and data transmission. The packet of Essential and the following capabilities includes:

  • The protected distribution of files and data transmission
  • Updates
  • Collecting of logs

• Premium — to Raise protection level by means of monitoring and scanning. The packet of Enhanced and the following capabilities includes:
  • Continuous automatic detection of assets (passive detection — optionally)
  • Reports/warning
  • Monitoring
  • Scanning of vulnerabilities
  • Check of compliance to requirements

Architecture and deployment

Distributed architecture and secure channel between the plants and the operational center

• Installation of the Center of protection (SC) in the operational center
• Installation of virtual engines of protection (VSE) at each plant
• Setup of an outgoing secure channel on port 443 with enciphering of TLS
• One rule of the firewall (F) for all remote^[1]

2018: Solution for protection against cyberthreats of the industrial companies

On June 18, 2018 the Honeywell corporation announced release of the software solution for protection against cyberthreats. The technology is intended for the industrial customers operating on different platforms the different systems and networks of management of technology processes from different producers.

The presented solution for management of the distributed funds of cyber defense is based on the Honeywell ICS Shield system which exercises centralized operation of protection of the operational technologies (OT) for security of the connected industrial management systems (IMS) covering several physical platforms and the different automation equipment. A system also provides safe management of remote assets through the uniform operational center of security.

"Aiming to increase the efficiency, the industrial companies connect together transactions worldwide. With respect thereto there is a real need for the technologies of the distributed cyber defense developed especially for industrial management systems". Ruslan Stefanov, the consultant for protection of an APCS of Honeywell in Russia and the CIS countries

The companies lacking for own skills and resources in the field of cyber defense can use services of management of protection of Honeywell. The division of services of management of protection adjusts the protected remote access, automatic installation of packets of corrections, continuous monitoring and acceptance of response measures in case of incidents and also control of firewalls and intrusion detection systems. These services expand possibilities of the industrial companies on elimination of serious spaces in security systems, and, unlike net IT solutions, assume participation of profile experts who carefully study a situation and find optimal balance between production priorities and security requirements, consider in Honeywell company.

Notes