B+B SmartWorx powered by Advantech has introduced its Ethernet switch Security Pack enhancement, which helps defend users from malicious attacks and confidential information leakage more than ever before. The new Security Pack enhancement is available with all EKI-7700 managed Ethernet switches.
Common industrial network threats, such as information theft, DNS spoofing and denial-of-service attacks, can result in tremendous loss. Unencrypted raw data, a lack of IP and MAC address control, and shorts in network access authentication mechanisms are usually the root cause.
Each network security layer implements policies and controls. Within these layers, authorized users can gain access to network resources, but malicious actors need to be blocked from carrying out exploits and threats. For ample protection, network security layers must build on each other.
With the new B+B SmartWorx Security Pack, data security is heightened throughout network layers with the following features:
- Access Control List (ACL): Legal host with known IP and MAC addresses is bundled on a specific port to access the network.
- Network Access Control: IEEE 802.1X. This feature provides an authentication mechanism to devices wishing to access a LAN or WLAN.
- DHCP Snooping: When DHCP servers are allocating IP addresses to clients on a LAN, DHCP snooping can be configured on LAN switches to prevent malicious or malformed DHCP traffic or communication with rogue DHCP servers.
- Dynamic ARP Spoofing Prevention: ARP spoofing may allow an attacker to intercept data frames on a network or even modify or stop traffic. Often, this attack is used as an opening for other attacks, such denial of service, man-in-the-middle, or session-hijacking attacks.
- IP Source Guard: Same as ACL, this feature permits IP traffic from known IP addresses, dropping all other traffic to prevent spoofing attacks.
- Login Authentication: This feature provides a cryptographic network protocol for operating network services securely over an unsecured network.