Cybersecurity For Data Centers

Protecting data center operational networks from evolving cyber threats
Cybersecurity For Data Centers
Customer/ Partner:

A large, multi-site data center corporation in Asia Pacific.

Customer Requirement:

Enable security monitoring and management of multiple segmented operational networks without putting these protected networks at risk.

Waterfall’s Unidirectional Solution:

The Waterfall Unidirectional Security Gateway enables the safe monitoring and remote management of operational networks without risk that enterprise connectivity will “leak” attacks back into protected operational control networks.

Data Centers Growing Need To Protect Physical Operations

Enable safe access to OT files, OPCUA data, Syslog alerts, and OT emailed updates for external IT services. Enable the access for an off-site Security Operations Center which the data for security monitoring purposes, and for other IT systems, which use the operations data for a variety of business automation purposes. Enable all of these integrations safely, without risk to physical operations at the data center.

The Challenge icon
The challenge

Waterfall’s Unidirectional Security Gateways were deployed to protect building automation, access control and electrical systems at a fleet of data centers. Each gateway protects multiple data center operational networks and replicates OPC UA, Syslog and other data through unidirectional hardware. In addition, Waterfall’s Remote Screen View enables off-site management and updates of OT systems without enabling risky remote desktop connections.

Waterfall solution - icon
Waterfall solution

Waterfall’s Unidirectional Security Gateways were deployed to protect building automation, access control and electrical systems at a fleet of data centers. Each gateway protects multiple data center operational networks and replicates OPC UA, Syslog and other data through unidirectional hardware. In addition, Waterfall’s Remote Screen View enables off-site management and updates of OT systems without enabling risky remote desktop connections.

Results and benefits - icon
Results & benefits

Security: No attack from any external, third-party or Internet network can leak back into protected operational networks through the unidirectional gateway hardware.

Simplicity: Unidirectional server replication and emulation make Waterfall’s gateways easy to use. The unidirectional replicas are normal participants in external IT networks.

Efficiencies: By securely enabling access to OT data, the gateways help the business realize SOC-based visibility into OT networks and other business automation and efficiencies – safely.

vertical red line
Theory of Operation
Click to enlarge

Waterfall Unidirectional Security Gateway solutions replace firewalls in industrial network environments, providing absolute protection to control systems and operations networks from attacks emanating from external less-trusted networks. Waterfall Gateways contain both hardware and software components. The gateway hardware can transmit information from an industrial network to an external network, but is physically incapable of propagating any virus, DOS attack, human error or any cyber attack at all back into the protected industrial network. Unidirectional Gateway software makes copies of industrial servers, enabling external IT and Internet users to connect the replica servers for access to real-time operational information. At this customer, the Unidirectional Security Gateway copies standard OPC-UA servers, Syslog servers, SMTP servers and file servers from operational networks to the IT network where SOC systems and analysts, as well as other IT business automation systems can access the replicas and their OT data normally. The gateway is also equipped with unidirectional Remote Screen View to enable remote vendor support personnel to see the screen of the Engineering Workstation in order to assist site personnel in diagnosing, adjusting and correcting software and hardware problems.

vertical red line
Unidirectional Security Gateway Benefits:

arrow red rightSafe IT/OT integration, providing access to operations data, without risk of compromise of critical data center operations networks.

arrow red rightSafe unidirectional data transfer to offsite or less trusted networks without introducing cyber threats to the OT environment.

arrow red rightSupports 100+ industrial protocols & applications; from legacy systems to cloud-based platforms.

arrow red rightNo attack, no matter how sophisticated or malicious, can enter the unidirectionally protected network.

arrow red rightEnables secure deployment of IT and outsourced SIEM, SOC, NOC & security monitoring solutions.

vertical red line
Global Cybersecurity Standards Recommend Unidirectional Security Gateways

Waterfall Security is the market leader for Unidirectional Gateway technology with installations at critical infrastructure sites around the world. The level of protection provided by Waterfall’s Unidirectional Security Gateway technology is recognized as best practice by leading industry standards bodies and authorities such as NIST, ANSSI, NERC CIP, ISA / IEC 62443, the US DHS & CISA, ENISA, TS50701 and many others.

Share

Stay up to date

Subscribe to our blog and receive insights straight to your inbox