Нельзя защищать то, что вы не видите. Визуализация, обнаружение действий сотрудников, обнаружение ненужного трафика, снижение поверхности атаки, защита от атак, обнаружение неизвестного вредоносного кода, корреляция событий, Machine Learning, поведенческие аномалии - это все делает одно устройство компании Palo Alto Networks. Почему заказчики выбирают NGFW для защиты сети ICS/SCADA.
- Лучшая реализация движка определения приложений IoT, IIoT, ICS, SCADA. Вы переходите на новый уровень визуализации своей собственной сети: от пакетов к приложениям.
- Легкость добавления собственных сигнатур приложений. Например, для IEC 104, ICCP, DNP3, BACnet, OPC, GTP протоколов вы можете добавить собственные детекторы активности и реакции.
- Прозрачная интеграция в существующую топологию без изменения сетевых потоков и маршрутизации на основе прозрачного подключения Virtual Wire или на SPAN.
- Прозрачное подключение с добавлением сегментации используя VLAN Insertion.
- Успешные инсталляции в 150 странах мира у 85000 заказчиков.
- Лидер Gartner в номинации Лучший межсетевой экран
- Лидер Forrester в номинации Лучшая реализация Zero Trust
- Лидер индустрии использующий Machine Learning для обнаружения вредоносного кода
- Поддержка NIST CyberSecurity Framework
- Готовые схемы архитектуры защиты для ICS/SCADA
- Работа со всеми мировыми производителями ICS/SCADA по управлению приложениями и защите от уязвимостей.
- Лучшее качество защиты и отсутствие методик обхода по тестам NSS Labs и Cyberratings.
Полный список поддерживаемых приложений в брошюре по APP-ID для ICS/SCADA
и на портале applipedia.paloaltonetworks.com
и на портале applipedia.paloaltonetworks.com
104 APCI KNXNET/IP
ABB Network Manager Matrikon-tunneller
ABB-RP570 Mitsubishi-melsec
ADDP MMS-ICS
BACnet Modbus
CC-Link MQTT
CIP EtherNet IP MTConnect
CN/IP (CEA-852) Net-C-X
COAP Niagara-Fox
Cygnet SCADA Oasys-scada
DLMS / COSEM / IEC 62056 Omron-fins
DNP3 OPC-DA
Elcom 90 OPC UA
Emerson-Delta-V OSIsoft PI Systems
Ethercat Ovation
Ether-S-Bus Profinet
ETHER-S-I/O (esio) R-GOOSE
Fanuc-focas ROC
Fisher-ROC Rockwell FactoryTalk
Foundation Fieldbus RTCM (GPS/IP)
GE EGD RTPS
GE-Eterra-isd Schneider OASyS
GE-Eterra-SCADA Schneider Wonderware
Suitelink
GE-Historian Schweitzer Engineering SEL
Fast Messaging
GE iFIX Siemens FactoryLink
HDLC-OVER-TCP Siemens Profinet IO
Honeywell Matrikon OPC
Tunneller Siemens-P2
IEEE-c37.118-
Synchrophasor
Siemens S7
IRIG-106 Siemens S7-Comm-Plus
ICCP (IEC 60870-6 / TASE.2) Suitelink
IEC 60870-5-104 Twincat
IEC-61850 Advance Messaging Queuing Protocol (AMQP)
RabbitMQ General Packet Radio Service (GPRS)
Signal System 7 (SS7) modbus-base
modbus-encapsulated-transport
modbus-mask-write-register
modbus-read-coils
modbus-read-discrete-inputs
modbus-read-fifo-queue
modbus-read-file-record
modbus-read-holding-registers
modbus-read-input-registers
modbus-read-write-register
modbus-write-file-record
modbus-write-multiple-coils
modbus-write-multiple-registers
modbus-write-single-coil
modbus-write-single-register cip-ethernet-ip-base
cip-ethernet-ip-list-identity
cip-ethernet-ip-reg-session
cip-ethernet-ip-send-rr-data
cip-ethernet-ip-send-unit-data dlms-base
dlms-get-request (functional)
dlms-get-response (functional)
dlms-init-req-high-level-auth (functional)
dlms-init-req-low-level-auth (functional)
dlms-init-req-no-auth (functional)
dlms-init-response (functional)
dlms-set-request (functional)
dlms-set-response (functional) dnp3-abort-file
dnp3-assign-class
dnp3-authenticate-file
dnp3-base
dnp3-close-file
dnp3-cold-restart
dnp3-confirm
dnp3-delay-measurement
dnp3-delete-file
dnp3-direct-operate
dnp3-direct-operate-no-resp
dnp3-disable-unsolicited
dnp3-enable-unsolicited
dnp3-freeze
dnp3-freeze-at-time
dnp3-freeze-at-time-no-resp
dnp3-freeze-clear
dnp3-freeze-clear-no-resp
dnp3-freeze-no-resp
dnp3-get-file-information
dnp3-initialize-application
dnp3-initialize-data
dnp3-open-file
dnp3-operate
dnp3-read
dnp3-record-current-time
dnp3-save-configuration
dnp3-select
dnp3-start-application
dnp3-stop-application
dnp3-unsolicited-message
dnp3-warm-restart
dnp3-write dlms-base
dlms-get-request (functional)
dlms-get-response (functional)
dlms-init-req-high-level-auth (functional)
dlms-init-req-low-level-auth (functional)
dlms-init-req-no-auth (functional)
dlms-init-response (functional)
dlms-set-request (functional)
dlms-set-response (functional) cn-ip-acknowledge
cn-ip-base
cn-ip-channel-membership
cn-ip-channel-membership-req
cn-ip-channel-routing
cn-ip-channel-routing-req
cn-ip-data-packet
cn-ip-device-config-req
cn-ip-device-configuration
cn-ip-device-registration
cn-ip-heartbeat-req
cn-ip-segment
cn-ip-send-list
cn-ip-send-list-req 104apci-supervisory
104apci-unnumbered
104apci-unnumbered-startdt-act
104apci-unnumbered-startdt-con
104apci-unnumbered-stopdt-act
104apci-unnumbered-stopdt-con
104apci-unnumbered-test-act
104apci-unnumbered-test-con
104asdu-file-transfer
104asdu-file-transfer-type120
104asdu-file-transfer-type121
104asdu-file-transfer-type122
104asdu-file-transfer-type123 104asdu-file-transfer-type125
104asdu-file-transfer-type126
104asdu-file-transfer-type127
104asdu-param-control
104asdu-param-control-type110
104asdu-param-control-type111
104asdu-param-control-type112
104asdu-param-control-type113
104asdu-process-control
104asdu-process-control-type45
104asdu-process-control-type46
104asdu-process-control-type47
104asdu-process-control-type48
104asdu-process-control-type49
104asdu-process-control-type50
104asdu-process-control-type51
104asdu-process-control-type58
104asdu-process-control-type59
104asdu-process-control-type60
104asdu-process-control-type61
104asdu-process-control-type62
104asdu-process-control-type63
104asdu-process-control-type70
104asdu-process-monitor
104asdu-process-monitor-type1
104asdu-process-monitor-type10
104asdu-process-monitor-type11
104asdu-process-monitor-type12
104asdu-process-monitor-type13
104asdu-process-monitor-type14
104asdu-process-monitor-type15
104asdu-process-monitor-type16
104asdu-process-monitor-type17
104asdu-process-monitor-type18
104asdu-process-monitor-type19
104asdu-process-monitor-type2
104asdu-process-monitor-type20
104asdu-process-monitor-type21
104asdu-process-monitor-type3 104asdu-process-monitor-type30
104asdu-process-monitor-type31
104asdu-process-monitor-type32
104asdu-process-monitor-type33
104asdu-process-monitor-type34
104asdu-process-monitor-type35
104asdu-process-monitor-type36
104asdu-process-monitor-type37
104asdu-process-monitor-type38
104asdu-process-monitor-type39
104asdu-process-monitor-type4
104asdu-process-monitor-type40
104asdu-process-monitor-type5
104asdu-process-monitor-type6
104asdu-process-monitor-type7
104asdu-process-monitor-type8
104asdu-process-monitor-type9
104asdu-system-control
104asdu-system-control-type100
104asdu-system-control-type101
104asdu-system-control-type102
104asdu-system-control-type103
104asdu-system-control-type104
104asdu-system-control-type105
104asdu-system-control-type106
104asdu-system-control-type107
104asdu-system-monitor
104asdu-system-monitor-type64
iec-60870-5-104-base mms-ics-ack-event-notification
mms-ics-additional-service
mms-ics-alter-event-cond-monit
mms-ics-alter-event-enroll
mms-ics-base
mms-ics-cancel
mms-ics-conclude
mms-ics-create-journal
mms-ics-create-prog-invocations mms-ics-create-prog-invocation
mms-ics-define-event-action
mms-ics-define-event-condition
mms-ics-define-event-enroll
mms-ics-delete-domain
mms-ics-delete-event-action
mms-ics-delete-event-condition
mms-ics-delete-event-enroll
mms-ics-delete-journal
mms-ics-delete-prog-invocation
mms-ics-download-segment
mms-ics-eventnotification
mms-ics-file-close
mms-ics-file-delete
mms-ics-file-directory
mms-ics-file-open
mms-ics-file-read
mms-ics-file-rename
mms-ics-get-alarm-enroll-sum
mms-ics-get-alarm-summary
mms-ics-get-capability-list
mms-ics-get-domain-attribute
mms-ics-get-event-action-attr
mms-ics-get-event-cond-attr
mms-ics-get-event-enroll-attr
mms-ics-get-prog-invo-attr
mms-ics-informationreport
mms-ics-initial-download-seq
mms-ics-initialize-journal
mms-ics-initiate-upload-seq
mms-ics-kill
mms-ics-load-domain-content
mms-ics-obtain-file
mms-ics-read-journal
mms-ics-rep-event-action-stat
mms-ics-rep-event-enroll-stat
mms-ics-report-event-cond-stat
mms-ics-report-journal-status
mms-ics-report-pool-sema-stat mms-ics-report-sema-entry-stat
mms-ics-request-domain-download
mms-ics-request-domain-upload
mms-ics-reset
mms-ics-resume
mms-ics-start
mms-ics-stop
mms-ics-store-domain-content
mms-ics-terminate-download-seq
mms-ics-terminate-upload-seq
mms-ics-trigger-event
mms-ics-unsolicitedstatus
mms-ics-upload-segment
mms-ics-write-journal iccp-base
iccp-define-named-type
iccp-define-named-variable
iccp-define-named-variable-list
iccp-define-scattered-access
iccp-define-semaphore
iccp-delete-named-type
iccp-delete-named-variable-list
iccp-write
iccp-delete-semaphore
iccp-delete-variable-access
iccp-download-segment
iccp-get-name-list
iccp-get-named-type-attr
iccp-get-scattered-access-attr
iccp-get-variable-access-attr
iccp-identity
iccp-initiate-download-seq
iccp-initiate-upload-seq
iccp-input
iccp-read
iccp-relinquish-control iccp-rename
iccp-report-pool-sem-status
iccp-report-sem-entry-status
iccp-report-semaphore-status
iccp-status
iccp-take-control
iccp-terminate-download-seq
IEC-61850
IEC-61850-base
IEC-61850-delete-named-var-list
IEC-61850-getatadir siemens-s7-comm-plus-base
siemens-s7-comm-plus-create-ob
siemens-s7-comm-plus-delete-ob
siemens-s7-comm-plus-download
siemens-s7-comm-plus-end-seq
siemens-s7-comm-plus-explore
siemens-s7-comm-plus-explore
siemens-s7-comm-plus-get-mtvar
siemens-s7-comm-plus-get-mtvar
siemens-s7-comm-plus-get-vsstr
siemens-s7-comm-plus-get-vsstr
siemens-s7-comm-plus-run-cpu
siemens-s7-comm-plus-set-mtvar
siemens-s7-comm-plus-set-mtvar
siemens-s7-comm-plus-set-time
siemens-s7-comm-plus-set-var
siemens-s7-comm-plus-set-var
siemens-s7-comm-plus-stop-cpu
siemens-s7-comm-plus-upload c37.118-cmd-frame-data-tx-off
c37.118-cmd-frame-data-tx-on
c37.118-cmd-frame-extended-frm
c37.118-cmd-frame-send-cfg-1
c37.118-cmd-frame-send-cfg-2
c37.118-cmd-frame-send-hdr-frm
c37.118-command-frame
c37.118-configuration-frame-1
c37.118-configuration-frame-2
c37.118-data-frame
c37.118-header-frame
ieee-c37.118-synchrophasor-base siemens-s7-base
siemens-s7-check-password-set
siemens-s7-controller
siemens-s7-download-program
siemens-s7-read
siemens-s7-set-clock
siemens-s7-setup-communication
siemens-s7-start
siemens-s7-stop
siemens-s7-upload-program
siemens-s7-warm-restart
siemens-s7-write bacnet-abort
bacnet-ack-alarm
bacnet-add-list-element
bacnet-atomic-read-file
bacnet-atomic-write-file
bacnet-authenticate
bacnet-base
bacnet-complex-ack
bacnet-confirmed-cov-notify
bacnet-confirmed-event-notify
bacnet-confirmed-private-xfer
bacnet-confirmed-text-message
bacnet-create-object
bacnet-delete-object
bacnet-device-comm-control bacnet-error
bacnet-error-ack-alarm
bacnet-error-add-list-element
bacnet-error-atomic-read-file
bacnet-error-atomic-write-file
bacnet-error-conf-cov-notify
bacnet-error-conf-event-notif
bacnet-error-conf-private-trf
bacnet-error-conf-text-mssg
bacnet-error-delete-object
bacnet-error-device-comm-cntrl
bacnet-error-get-alarm-summary
bacnet-error-get-enrollment-sum
bacnet-error-get-event-info
bacnet-error-life-safety-oper
bacnet-error-read-property
bacnet-error-read-property-cond
bacnet-error-read-property-mul
bacnet-error-read-range
bacnet-error-reinitialize-dev
bacnet-error-remove-list-elem
bacnet-error-request-key
bacnet-error-subscribe-cov
bacnet-error-subscribe-cov-prop
bacnet-error-vt-data
bacnet-error-vt-open
bacnet-error-write-prop-mult
bacnet-get-alarm-summary
bacnet-get-enrollment-summary
bacnet-get-event-information
bacnet-i-am
bacnet-i-have
bacnet-life-safety-operation bacnet-read-prop-conditional
bacnet-read-prop-multiple
bacnet-read-property
bacnet-read-range
bacnet-reinitialize-device
bacnet-reject
bacnet-remove-list-element
bacnet-request-key
bacnet-segment-ack
bacnet-simple-ack
bacnet-subscribe-cov
bacnet-subscribe-cov-property
bacnet-time-synchronization
bacnet-unconfirmed-cov-notif
bacnet-unconfirmed-event-notif
bacnet-unconfirmed-private-txfr
bacnet-unconfirmed-text-message
bacnet-utc-time-synchronization
bacnet-vt-close
bacnet-vt-data
bacnet-vt-open
bacnet-who-has
bacnet-who-has-access-credent
bacnet-who-has-access-door
bacnet-who-has-access-point
bacnet-who-has-access-right
bacnet-who-has-access-user
bacnet-who-has-access-zone
bacnet-who-has-accumulator
bacnet-who-has-analog-input
bacnet-who-has-analog-output
bacnet-who-has-analog-value
bacnet-who-has-averaging
bacnet-who-has-binary-input bacnet-who-has-binary-output
bacnet-who-has-binary-value
bacnet-who-has-bitstring-value
bacnet-who-has-calendar
bacnet-who-has-command
bacnet-who-has-cred-data-input
bacnet-who-has-date-pattern-val
bacnet-who-has-date-value
bacnet-who-has-device
bacnet-who-has-event-enrollment
bacnet-who-has-event-log
bacnet-who-has-global-group
bacnet-who-has-group
bacnet-who-has-integer-value
bacnet-who-has-large-analog-val
bacnet-who-has-life-safety-pt
bacnet-who-has-life-safety-zone
bacnet-who-has-multi-state-in
bacnet-who-has-multi-state-out
bacnet-who-has-multi-state-val
bacnet-who-has-network-security
bacnet-who-has-notification-cls
bacnet-who-has-octatestring-val
bacnet-who-has-pulse-converter
bacnet-who-has-schedule
bacnet-who-has-structured-view
bacnet-who-has-time-pattern-val
bacnet-who-has-time-value
bacnet-who-has-trend-log
bacnet-who-has-trend-log-mul
bacnet-who-is
bacnet-write-prop-multiple
bacnet-write-property
bacnet-who-has-time-value
bacnet-who-has-trend-log-mul addp-base
addp-dhcp-network-config-req (functional)
addp-dhcp-network-config-resp (functional)
addp-discovery-request (functional)
addp-discovery-response (functional)
addp-reboot-request (functional)
addp-reboot-response (functional)
addp-static-network-config-req (functional)
addp-static-network-config-resp (functional) knxnet-ip-base
knxnet-ip-configuration-request (functional)
knxnet-ip-connect-request (functional)
knxnet-ip-connection-state-req (functional)
knxnet-ip-description-request (functional)
knxnet-ip-disconnect-request (functional)
knxnet-ip-search-request (functional)
knxnet-ip-tunnelling-request (functional) coap-base
coap-delete-request (functional)
coap-get-request (functional)
coap-post-request (functional)
coap-put-request (functional) opc-ua-acknowledge (functional)
opc-ua-activate-session-req (functional)
opc-ua-add-nodes-req (functional)
opc-ua-add-references-req (functional)
opc-ua-browse-next-req (functional)
opc-ua-browse-req (functional)
opc-ua-call-method-req (functional)
opc-ua-call-req (functional)
opc-ua-cancel-req (functional)
opc-ua-close (functional)
opc-ua-close-secure-channel-req (functional)
opc-ua-close-session-req (functional)
opc-ua-create-session-req (functional)
opc-ua-create-subscription-req (functional)
opc-ua-delete-nodes-req (functional)
opc-ua-delete-references-req (functional)
opc-ua-delete-subscriptions-req (functional)
opc-ua-error (functional)
opc-ua-find-server-req (functional)
opc-ua-get-endpoints-req (functional)
opc-ua-hello (functional)
opc-ua-history-read-req (functional)
opc-ua-history-update-req (functional)
opc-ua-open (functional)
opc-ua-open-secure-channel-req (functional)
opc-ua-publish-req (functional)
opc-ua-query-first-req (functional) opc-ua-query-next-req (functional)
opc-ua-read-req (functional)
opc-ua-register-nodes-req (functional)
opc-ua-register-servers-req (functional)
opc-ua-republish-req (functional)
opc-ua-set-monitoring-mode-req (functional)
opc-ua-set-publishing-mode-req (functional)
opc-ua-set-triggering-req (functional)
opc-ua-unregister-node-req (functional)
opc-ua-write-req (functional) gtp-base
gtp-prime
gtp-u
gtpv0
gtpv1-c
gtpv2-c ss7-map-ggsn-callingparty
ss7-map-siwf-callingparty
ss7-mapsgsn-callingparty
ss7-map-hlr-callingparty
ss7-map-vlr-callingparty
ss7-map-msc-callingparty
ss7-map-eir-callingparty
ss7-map-gsmscf-callingparty
ss7-map-gmlc-callingparty
ss7-map-siwf-callingparty
ss7-map-sgsn-callingparty
ss7-map-ggsn-callingparty
ss7-map-css-callingparty ethercat-base
ethercat-device-protocol
ethercat-mailbox-data
ethercat-process-data ge-srtp-base
ge-srtp-change-cpu-privilege (functional)
ge-srtp-change-cpu-privilege (functional)
ge-srtp-get-control-program (functional)
ge-srtp-get-controller-info (functional)
ge-srtp-get-fault-table (functional)
ge-srtp-get-plc-time (functional)
ge-srtp-plc-short-status-req (functional)
ge-srtp-program-load (functional)
ge-srtp-program-store (functional) ge-srtp-programmer-logon (functional)
ge-srtp-read-program-mem (functional)
ge-srtp-read-sys-mem (functional)
ge-srtp-read-task-mem (functional)
ge-srtp-set-control-id (functional)
ge-srtp-set-plc (functional)
ge-srtp-set-plc-time (functional)
ge-srtp-toggle-force-sys-mem (functional)
ge-srtp-write-program-blk-mem (functional)
ge-srtp-write-sys-mem (functional)
ge-srtp-write-task-mem (functional) tristation-base
tristation-connect-req (functional)
tristation-connect-rsp (functional)
tristation-disconnect-req (functional)
tristation-get-cp-status-req (functional)
tristation-get-cp-status-rsp (functional)
tristation-run-program (functional) umas
umas-base
umas-init-comm
umas-plc-reservation-take
umas-plc-reservation-release
umas-memory-block-read
umas-memory-block-write
umas-variables-read
umas-variables-write
umas-coils-registers-read
umas-coils-registers-write
umas-initialize-upload
umas-upload-block
umas-initialize-download
umas-download-block
umas-sd-backup-make
umas-sd-backup-restore
umas-sd-backup-remove
umas-plc-start
umas-plc-stop
umas-repeat-request
umas-monitor-bits-read
umas-monitor-bits-write
umas-monitor-words-read
umas-monitor-words-write
umas-io-object-write
umas-read-id
Подробная схема в брошюре по VLAN Insertion для ICS/SCADA
