Ultra Intelligence & Communications

EtherGuard (3e-636L3)

Industrial DPI firewall with Layer 3 encryption

EtherGuard, part of the CyberFence CIP series, is an affordable Layer 3 encryption appliance with a built in application layer SCADA firewall that protects critical infrastructure from both internal and external cyber-attacks. It is purpose-built to provide strong cryptographic multi-layered protection for network connected industrial devices such as PLCs (Program Logic Controller). Its versatile security platform delivers low-latency network monitoring and filtering performance while its optimized form and design makes it easy to use and deploy anywhere in a network to selectively and invisibly protect one or several network endpoints.

EtherGuard is specifically designed to deploy with no change to the existing architecture and with no impact on network performance. It is easily positioned at critical locations to invisibly monitor traffic and issue alerts in the event of anomalous, malicious, or dangerous activity without causing latency. Utilizing 3eTI’s proprietary cyber technology, EtherGuard is invisible to attackers so they cannot detect its presence or subvert its protections. EtherGuard can be remotely managed through an out-of-band network connection over an encrypted channel or through a dedicated management port preventing attackers from discovering that they have triggering an alarm.

Featured Security Controls

  • Layer 3 Suite B Encryption – EtherGuard provides a Suite B mode allowing the customer to use only the NSA recommended cryptographic algorithms. These include FIPS 140-2 validated AES-256, ECDSA certificates, and ECDH key agreement, to provide the strongest commercially available security.
  • Industrial DPI Capable Firewall – 3eTI’s firewall ensures that only authorized devices can communicate with protected endpoint devices. Its deep packet inspection (DPI) technology detects malicious commands and either prevents them from being transmitted to the PLC or alerts the operator. DPI provides robust cybersecurity for industrial protocols including OPC, DNP3, MODBUS TCP, BACNet, EtherNet/IP and CANopen/CAN bus. This feature can be tailored to a given industrial protocol or system via a customizable rule wizard. EtherGuard is also capable of automatically learning legitimate commands making it easy to write DPI rules.
  • Port Authentication – The EtherGuard device implements 802.1x port authentication, which means only those devices with valid certificates can use the network ports, any device without a valid certificate won’t get a connection – preventing man in the middle attacks.

Federally Validated to Meet Security Mandates

As a trusted supplier to the DoD since 1995, 3eTI delivers highly secure network platforms that enable maximum operational productivity. 3eTI’s patented platforms are certified to meet military IA standards. DarkNode is validated to FIPS 140-2 by the National Institutes of Standards and Technologies (NIST) and Common Criteria certified by the NSA’s National Information Assurance Partnership (NIAP) program.