Webinar: Top 10 Cyberattacks on Industrial and Critical Infrastructure of 2024
Days
Hours
Minutes
Seconds
Register Now

Unbreachable Access to OT Data

Unidirectional Gateways provide unbreachable protection for OT environments, while allowing secure and continuous access to OT data.

UGW

Hardware Protection against Cyberattacks

Unlimited

Hardware-enforced security at the site perimeter – No cyber attack can get through the unidirectional hardware to put physical operations at risk

Unlimited

Strong physical segmentation – Data queries and responses occur exclusively within the IT network, without ever passing into OT environments.

Unlimited

Wide interoperability – Connectors for a wide array of OT and even IT data sources, servers and protocols.

How It Works

UGW hardware provides absolute protection while the software enables seamless enterprise connectivity

Group 1117

Connect

An OT network safely to a less secure IT network

Group 1117-1

Protect

The OT network with hardware-enforced technology

Group 1117-2

Replicate

OT data in real-time to external networks

Benefits

Absolute Protection

The gateway hardware is physically able to send information in only one direction.

Network Visibility

The software collects data from industrial network servers and creates replicas on the enterprise network. IT users can then access these replicas seamlessly.

No Attacks

No matter how sophisticated, attacks cannot propagate back to the industrial network through the gateway.

Features

asdfxxxx

Security-First Design 

Prioritizing cybersecurity in every aspect.

1-2

Access Any Data 

Compatible with Waterfall’s large library of off-the-shelf connectors

33

Scalability & Performance 

1Gbps or 10Gbps throughput options

asdfxxxx

Self Contained Appliance 

No need to install hosts or software anywhere else in OT or IT networks

1-2

Easy to Use 

Web-based user interface is the only user interface to learn – use it to configure, manage, monitor and even trouble-shoot the device.

33

Battle Proven 

Installed at 1000s of sites globally

The software connectors duplicate servers and simulate devices, allowing enterprise users and applications to maintain bidirectional access to OT data from the replicated servers. Waterfall supports a wide range of SCADA systems and industrial platforms, including the following:
SCADA Systems
ABB - 800xA (SymphonyPlus)
AspenTech - IP21
AVEVA - DataHub
AVEVA - eDNA
AVEVA - Enterprise SCADA (Oasys)
AVEVA - PI – Asset Framework
AVEVA - PI – History Backfill
AVEVA - PI Points
AVEVA - Wonderware
Bently Nevada - System1
Curtis Wright - Scientech R*Time
Emerson - AMS Machine Works / Device Manager
Emerson - EDS
Emerson - PlantWeb Insight
Emerson - PlantWeb Optics
GE - AEMS Reliance
GE - GridOS
GE - GSM
GE - iFix
GE - OSM
GE - Proficy Historian (iHistorian)
Hitachi-ABB - ADMS
Honeywell - AMS Dynamo
Honeywell - Experion
Honeywell - Forge
Honeywell - PHD
Leidos - Hold Baggage Screening (HBS) system
Rockwell - FactoryTalk
Schneider Electric - ADMS ESCADA
Schneider Electric - EcoStruxure
Schneider Electric - Invensys AIM
Schneider Electric - SCADA Expert ClearSCADA
Siemens - CFE
Siemens - OT Companion (SICAM GridEdge)
Siemens - S7
Siemens - WinTS
Siemens Energy - Gamesa
Siemens Energy - T2000
Siemens Energy - T3000
Yokogawa - CI Server
Yokogawa - ExaOPC
Yokogawa - Exaquantum
Monitoring Protocols
Broadcast stream
Ethernet Spoofing
IP Video and Audio
Multicast stream
Netflow
Remote Printing
Remote Screen View
SMTP
SNMP
Splunk
SYSLOG TCP
SYSLOG UDP
TCP Multi
TCP/IP
Time Sync
UDP
UDP Spoofing
Monitoring Systems
ArcSight
Elastic
FortiSIEM
Google Chronicle
Helix
IBM QRadar
LogRhythm
Microsoft Sentinel
SolarWinds
SolarWinds Orion
Splunk
Industrial Protocols
BACnet
Building Automation Protocol
DNP3
IEC 60870-5-104
IN/OUT ICCP
Modbus
OPC AE
OPC DA (Classic)
OPC Historical DA
OPC Protocols
OPC UA
OPC UA Historians
Unidirectional ICCP
Databases
Microsoft SQLServer
MySQL Databases
Oracle Databases
Waterfall Updater
AV updates
Nessus Security Center Updates
WSUS Updater
Files
Folder Mirroring
FTP and FTPS
Local Folder Transfer
Remote Folder Transfer
SFTP (SSH)
TFTP
Messaging
Active MQ
AMQP
HTTP(s) Requests
IBM MQ
Kafka
Microsoft MQ
MQTT
TIBCO EMS
The hardware provides an unbreachable physical barrier to online attacks targeting OT networks.

WF-600

Waterfall’s flagship WF-600 Unidirectional Security Gateway provides unbreachable protection for OT / industrial control system networks. The WF-600 gateway provides OT network perimeter protection with a hardware enforced, physical barrier preventing remote attacks, malware, DOS attacks, ransomware and human errors from entering the protected network.

Learn more

WF-500

The WF-500 Unidirectional Security Gateway offers unbreachable industrial protection, enables safe IT/OT integration, secure remote access, and unlimited industrial network monitoring.

Learn more

WF-500 DIN RAIL

The Waterfall WF-500 DIN Rail is a Unidirectional Security Gateway in a compact design that allows space-constrained sites to benefit from Waterfall’s unbreachable physical protection from cyber attacks on industrial networks. 

Learn more

Waterfall for IDS

Waterfall for Intrusion Detection Systems (IDS) enables IT networks to safely monitor OT systems to detect intrusion attempts by preventing the risk of anything going back into the OT networks via the IDS.

Learn more

WF-Secure Bypass

The Waterfall Secure Bypass Module provides physical protection for emergency and other remote support mechanisms, while providing the industrial site with physical control over the frequency and duration of remote access. Secure Bypass provides secure remote access for trusted insiders.

Learn more

WF-FLIP

The Waterfall FLIP is a type of Unidirectional Gateway whose orientation can be physically reversed, enabling safe scheduled updates to OT networks without the vulnerabilities firewalls always introduce.

Learn more

WF-Blackbox

The Waterfall Blackbox provides a tamper-proof online repository that can survive a cyber attack, preventing attackers from hiding evidence of how they entered a network and their malicious actions within it.

Learn more

One way for data.
Zero entry for attackers.