Ultra Electronics 3eTi

DarkNode (3e-636L2)

Industrial DPI firewall with Layer 2 encryption

DarkNode is an affordable Layer 2 encryption appliance with a built in application layer SCADA firewall that protects critical infrastructure from both internal and external cyber-attacks. It is purpose-built to provide strong cryptographic multi-layered protection for network connected industrial devices such as PLCs (Program Logic Controller). Its versatile security platform delivers low-latency network monitoring and filtering performance while its optimized form and design makes it easy to use and deploy anywhere in a network to selectively and invisibly protect one or several network endpoints.

DarkNode is specifically designed to deploy with no change to the existing architecture and with no impact on network performance. It is easily positioned at critical locations to invisibly monitor traffic and issue alerts in the event of anomalous, malicious, or dangerous activity without causing latency. Utilizing 3eTI’s proprietary cyber technology, DarkNode is invisible to attackers so they cannot detect its presence or subvert its protections. It can be remotely managed through an out-of-band network connection over an encrypted channel or through a dedicated management port preventing attackers from discovering that they have triggering an alarm.

Featured Security Controls

  • Layer 2 VLAN Encryption – DarkNode performs the encryption with dedicated hardware delivering low latency network communications across the ICS. DarkNode encrypts Ethernet packets using AES encryption, and can use different encryption keys for different VLANs. In cases where encryption is not needed, 3eTI’s EtherWatch industrial firewall can be deployed.
  • Industrial DPI Capable Firewall – 3eTI’s firewall ensures that only authorized devices can communicate with protected endpoint devices. Its deep packet inspection (DPI) technology detects malicious commands and either prevents them from being transmitted to the PLC or alerts the operator. DPI provides robust cyber security for industrial protocols including OPC, DNP3, MODBUS TCP, BACNet, EtherNet/IP and CANopen/CAN bus. This feature can be tailored to a given industrial protocol or system via a customizable rule wizard. DarkNode is also capable of automatically learning legitimate commands making it easy to write DPI rules.
  • DarkNode Technology – 3eTI’s proprietary DarkNode technology cloaks industrial endpoint data and communications using a “stealth mode”, which means that an attacker can’t detect its presence – they cannot hack what they cannot see. It also can be integrated directly into an existing system with no additional configuration required.

Federally Validated to Meet Security Mandates

As a trusted supplier to the DoD since 1995, 3eTI delivers highly secure network platforms that enable maximum operational productivity. 3eTI’s patented platforms are certified to meet military IA standards. DarkNode is validated to FIPS 140-2 by the National Institutes of Standards and Technologies (NIST) and Common Criteria certified by the NSA’s National Information Assurance Partnership (NIAP) program.