The document discusses Tempered Networks' security platform that protects critical infrastructure and assets from cyber attacks. It creates isolated secure overlay networks using identity-based encryption and micro-segmentation to cloak devices off IP networks. This provides highly constrained and easily managed secure connectivity between local and distributed assets while requiring minimal maintenance. The platform works with existing infrastructure and deploys quickly to safeguard critical systems in industries like oil and gas.
2. The Problem We Solve
You have business-critical control networks, vital server assets, customer data,
intellectual property, and critical devices that drive your business.
We provide organizations with a security platform that cloaks and protects business-critical
infrastructure and assets from cyber attacks and human error.
3. Market Pressure
OT & IT Convergence
Operational technologies (OT) are being interconnected across IT networks to
increase agility and create integrated environments, supporting end-to-end
business processes.
• OT systems are usually hosted outside of IT data centers
• OT vendors have very different approaches to system architectures and security
• Challenges:
– Access to systems
– Disparate connectivity (interfaces)
– Organizational governance
– Perspectives and different semantics
4. A Well-Tempered Network
Identity-based Overlay Networks
End-to-End Encryption
• Embedded PKI
• AES-256
Micro-segmentation
• Isolated secure overlay networks
• Cloaking technology takes
devices off IP networks
• Device-based Whitelisting
• Create security policies based on a
whitelist
Automated Orchestration
• Centralized management of trust
relationships and policies
• Create unlimited secure overlay
networks—on the fly
5. Secure Connectivity to Mission Critical Systems & Assets
Secure Network Connectivity
and Operational Efficiency
• Provides highly constrained,
easily managed secure
connectivity between any local
and distributed assets
• Sharing data between specified
remote systems and historian is
simple, with uncompromised
security
• No changes to your current
network
6. Safeguarding Oil & Gas Critical Assets
[Diagram labels: Enterprise Network, SCADA Network, Cellular Network, Historian, Oil Pump, Oil Rig]
• Works with existing infrastructure
• Less than 1 hour of maintenance per qtr.
• Cloaks and securely extends your network
• Overlay network that deploys in minutes
7. Secure Identity-based Overlay Networks
[Diagram labels: Enterprise Network, Cellular Network, SCADA Network, Industrial Systems, SCADA Servers, HMI, PLCs]
• Works with existing infrastructure
• Set & Forget - minimal configuration per qtr.
• Cloaks and securely extends your network
• Overlay network that deploys in minutes
8. Defense in Depth – Where do we fit?
Multiple layers of defense prevent
direct attacks against critical systems
9. Tempered Networks Product Line Up
HIPswitch: Industrial and Data-Center Grade Security Appliances
Conductor: Scalable Orchestration Engine
Models: HIPswitch-100 Series, HIPswitch-200 Series, HIPswitch-300 Series, HIPswitch-400
• Available as physical or virtual appliances
• HIPswitch-200/300/400 support Serial to IP encapsulation
• HIPswitch-300 & 400 support High Availability
• HIPswitch-100/200 support failover between wired and cellular & WiFi
Editor's Notes
Traditional environment: anyone who gained access to the network had access to everything.
HIPswitch security appliances drop into your environment: seamlessly plug devices into HIPswitches and build private overlay networks that are isolated from the underlying network.
Lens animation: cloaking assets. Attackers can’t hack what they can’t see or ping.
Communication lines: encrypting communications. No communication between devices from the start (“default denied”) until communication policies are enabled via the Simpleconnect user interface (whitelisting).
Tempered Networks is complementary to other IT Security systems
Customers have often invested in other IT security solutions, such as Firewalls, Deep Packet Inspection (DPI), Security Incident and Event Management (SIEM) systems, Data Diodes, and Intrusion Detection Systems (IDS). Our solution works with any of these existing systems and preserves the customer’s investment. For example, a customer may use firewalls for perimeter protection of IT assets, but firewalls only provide inspection capabilities based on elements of the communication payloads that can be spoofed by any attacker. The Tempered Networks solution not only builds a secure perimeter for protection, but also adds a layer of security by cloaking the footprint of the customer’s critical infrastructure. So, even if an attacker gained access to the customer’s existing VLAN or VPN, the critical infrastructure and information are protected, since they are cloaked and not visible to hackers.