WF BLACKBOX
IN LOGS WE TRUST
What do you do after an attack when you need to know what happened? How can you recover from a cyber attack if you can’t trust your information? Modern cyber attackers routinely erase or compromise logs to hide evidence of wrongdoing. All network repositories, including central SOCs and cloud backups, can be accessed and so can be breached. The Waterfall BlackBox provides a tamper-proof online repository which can survive a cyber attack, and prevents attackers from covering their tracks.
TAMPER-PROOF FORENSIC REPOSITORY
Benefits
TAMPER PROOF LOGS REPOSITORY
Preserves copies of logs, packets & other data before and during a cyber attack
ENABLES EFFECTIVE INCIDENT RESPONSE
Reliable forensics facilitate post-attack analysis of a cyber attack and ensure business continuity
SECURE STORAGE
Hardware-enforced unidirectional protection of logged data with encryption and authentication of logged information
SECURE DATA RETRIEVAL
The BlackBox appliance can only be accessed physically via a dedicated out-of-band port
MULTIPLE FORM FACTORS
BlackBox is available in 1U Rack Mount form factor for permanent pre-attack deployment
THEORY OF OPERATION
Inside Waterfall’s BlackBox is a high-speed, high-capacity logging and analysis system able to record attack information, attempted changes, manipulation of records and abnormal logging and recording conditions. When necessary, data can be retrieved and inspected securely by physically accessing the BlackBox appliance via the Secure Data Access port.
Unidirectional Gateway technology contains both hardware and software components. The hardware components include a TX side, containing a fiber-optic transmitter/laser, and an RX side, containing an optical receiver, but no laser. The gateway hardware can transmit information from a signaling system network to the BlackBox data manager, but is physically incapable of sending any status, feedback or any signal at all back to an attacker who might seek to subvert the recording system.
CERTIFICATION & COMPLIANCE
CERTIFICATION:
Common Criteria EAL 4+, ANSSI CSPN, NITES Singapore, Korean KC Certification and Israel NISA
ASSESSMENTS:
Idaho National Labs, Digital Bond Labs
ENABLES COMPLIANCE WITH:
Global ICS Standards & Regulations, NERC CIP, IEC 62443, NRC 5.71, NIST 800-82r2, CFATS, ISO, IIC SF, ANSSI, and many more