Security Pack for EKI-7700 Managed Switches

Defend Data Against Internal and External Cyber Threats

B+B SmartWorx powered by Advantech has introduced its Ethernet switch Security Pack enhancement, which helps defend users from malicious attacks and confidential information leakage more than ever before. The new Security Pack enhancement is available with all EKI-7700 managed Ethernet switches.

Common industrial network threats, such as information theft, DNS spoofing and denial-of-service attacks, can result in tremendous loss. Unencrypted raw data, a lack of IP and MAC address control, and shorts in network access authentication mechanisms are usually the root cause.

Each network security layer implements policies and controls. Within these layers, authorized users can gain access to network resources, but malicious actors need to be blocked from carrying out exploits and threats. For ample protection, network security layers must build on each other.

With the new B+B SmartWorx Security Pack, data security is heightened throughout network layers with the following features:

  •  Access Control List (ACL): Legal host with known IP and MAC addresses is bundled on a specific port to access the network.
  •  Network Access Control: IEEE 802.1X. This feature provides an authentication mechanism to devices wishing to access a LAN or WLAN.
  •  DHCP Snooping: When DHCP servers are allocating IP addresses to clients on a LAN, DHCP snooping can be configured on LAN switches to prevent malicious or malformed DHCP traffic or communication with rogue DHCP servers.
  •  Dynamic ARP Spoofing Prevention: ARP spoofing may allow an attacker to intercept data frames on a network or even modify or stop traffic. Often, this attack is used as an opening for other attacks, such denial of service, man-in-the-middle, or session-hijacking attacks.
  •  IP Source Guard: Same as ACL, this feature permits IP traffic from known IP addresses, dropping all other traffic to prevent spoofing attacks.
  •  Login Authentication: This feature provides a cryptographic network protocol for operating network services securely over an unsecured network.

The Protection You Need From …

Information Theft

Access to un-encrypted data and unsecured networks can lead to the loss of classified information. Without appropriate security measures in place, hackers and employees with malicious intent can easily access, view, or even copy confidential information.

DNS Spoofing

By assigning a forged IP address to devices, hackers can redirect device traffic and disable their Internet services, potentially creating chaos for device networks. They can even assign a legitimate IP address to themselves, effectively masquerading one of the devices and thereby send/receive fake commands/responses.

Denial-of-Service Attacks

By flooding a network or a device with data, hackers can slow down or even disable Internet services. When this occurs, time-critical information is unable to reach its destination, causing data packets to expire.

Need help?

Contact our team today!