
CAPABILITIES OVERVIEW

Embedded computers and remote devices that run critical operations are extremely important in managing automation and control systems by collecting and communicating data directly back into the network. However, these devices were never designed with security in mind, making them highly susceptible to cyber-attacks or unintentional interference.

3eTI’s CyberFence solutions protect machine-to-machine (M2M) communications using advanced cyber protection for vulnerable edge devices without disrupting network operations. CyberFence assures that only you maintain control and visibility of your critical devices despite increased cyber threats. Unlike competitors' products, which are designed for general enterprise applications, our devices are specifically designed to provide strong cryptographic defense-in-depth protection for critical infrastructure and tactical communication systems used by military, government and industrial customers.

CyberFence is the only solution of its kind independently validated and lab tested by the US government to ensure correct development and implementation. No other cyber security device rises to this standard, ensuring safe and secure control of devices and systems.

KEY BENEFITS

• Government certified: Independently validated security by NIST and NIAP

• Accredited: Information assurance (IA) enabled solutions

• Robust: DPI advanced content inspection options

• High-performance: For video, voice and data cyber security protection

• Proven: In use by military and federal organizations

• Experience: Benefit from expertise of NATO cyber security experts

• Customizable: Configurable to address specific security objectives

• Plug & play: Quick and easy implementation and management

• OEM-ready: Embedded OEM options available

CyberFence M2M Cyber Security for Critical Operations

The Most Advanced Cyber Security for Control & Communications Systems Available

Applications

• Embedded SCADA/DCS systems

• Critical automation systems

• Zone and conduit security as per NERC, IEC and ANSI/ISA standards

• PLC/RTU communication security

• Display-only HMI panels

• Secure remote access to PLC data

• Protect legacy devices / computers

• Bolt-on encryption / authentication

• Protect connections to partner networks and wireless networks

• Improve process control network reliability and performance

Critical Infrastructure Protection

Embedded Cyber Security for Industrial Control Systems (ICS)

All critical infrastructure, from the power grid to steel manufacturers, reservoirs and transportation systems, to hospitals and airports, has unique electrical, environmental and operational requirements for its SCADA and process control systems that can make traditional IT-focused security solutions unsuitable or insufficient.

The vast majority of cyber security is designed for enterprise computing, and so industrial systems are often limited to network firewalls and anti-virus for their PCs. As a result, many critical systems operate with little protection against the real threat of accidental or malicious cyber-attacks targeting systems today. Entire plants have been shut down by an infected USB key or a misconfigured network device.

CyberFence readily accommodates both new and existing legacy systems without adding complexity. It affords selective and imperceptible monitoring to fortify one or multiple network endpoints without interfering with current system performance.

Applications

• Protect unmanned aerial vehicles (UAV)

• Fixed or mobile weapons systems

• Protect sensor system links

• Harden physical surveillance systems

• Secure satellites, fiber & wireless communications

• Secure remote connectivity to units over the Internet

Tactical Communications Security

M2M Cyber Security for Mission Critical Systems

The modern, connected battlefield enables enhanced situational awareness and effective command and control. However, in many domains, cyber-protection doesn’t extend much beyond the network core, only protecting against some external attacks.

Diminished control of any machine or interface limits the operator’s ability to respond effectively in situations where lives may be at stake. Sustained and comprehensive C2 of any system hinges on a strong cyber-defense strategy that layers security against internal and external threats for impenetrable endpoint protection.

CyberFence enforces the authenticity, integrity, and authority of C2 data from the core to the edge, ensuring that data and systems can be trusted to provide accurate situational awareness and execute commands.

Originally designed to help the defense sector meet federal security mandates, CyberFence’s crypto modules are FIPS 140-2 validated for sensitive data communications. Additionally, the system’s approval to operate (ATO) status with the DoD is complemented by its advanced information assurance data protection capabilities.

Product Solutions

DarkNode

Protect critical networks where latency and integrity are paramount

• Fully protect network / conduit interfaces

• Monitor and alert to unauthorized activity

• Out of band management option to prevent interference of operational data traffic

• DPI* and firewall rulesets can be uniquely configured to each user and protocol

• Encrypt end-to-end communications of vulnerable industrial / legacy protocols

EtherGuard

Securely connect devices across untrusted networks such as the Internet

• Secure devices making them inaccessible to attackers on an untrusted network

• Integrate multiple layers of security control, including DPI* option to protect critical devices

• Focused to the protection of embedded devices or machines

• Fits anywhere a critical or sensitive device is connected to a wide-area network

EtherWatch

SCADA firewall that protects industrial control networks and embedded devices

• Advanced application-layer firewall and protocol specific DPI*

• Deploy at critical locations to monitor traffic and issue alerts

• Invisible and undetectable by an attacker

• Manage either through the network or through a dedicated management port

UltraCrypt

Efficiently encrypt high capacity networks

• Create a secure link within the existing network

• A high-speed Layer 2 in-line encryptor with high throughput

• MPLS & VLAN encryption

• Easy to configure and manage either in-band or out-of-band over a separate network

• Secure over-the-network rekey

• Network obfuscation

* Deep packet inspection (DPI) can currently support BACnet, Modbus TCP, OPC, EtherNet/IP and DNP3 control protocols and inbound commands, as well as their origin.

[Figure labels: Industrial Facility, Headquarters, Internet]

CyberFence Starter Kits

The CyberFence Starter Kit is an all-inclusive, plug-and-play cyber security solution that makes it easy to test drive 3eTI’s innovative endpoint cyber technology for embedded devices. The CyberFence Starter Kit allows you to mix and match a traffic encryption solution that fits your network; select from 3eTI’s EtherGuard or DarkNode devices which provide protections such as port authentication, access-control, and application level packet inspection.

Flexible endpoint protection options for any embedded device

PRODUCT COMPARISON

Solutions | Description | DPI* | Firewall | Encrypt | Mbps | FIPS 140-2 Level 2 | Common Criteria | Suite B Cap. | 802.1X | Out-Band Mgmt | Dark View Tech.

DarkNode FIPS Layer-2 DID Crypto X X V-LAN ~120 X X X X X

EtherGuard FIPS Layer-3 DID Crypto X X VPN ~120 X X X X X

EtherWatch SCADA Firewall X X ~120 X X X X

UltraCrypt High Speed Encryption V-LAN ~450 X X X X X

* Deep packet inspection (DPI) can currently support Modbus TCP, OPC, EtherNet/IP and DNP3 control protocols and inbound commands, as well as their origin.

CYBERFENCE SERVICES

Evaluation & Risk Assessment

3eTI provides security assessment and vulnerability management services to assess and mitigate system cyber security risks without affecting operational efficiency and reliability. We help empower organizations to create, manage and employ a risk management framework that meets the strategic goals and deployment operations of a business. 3eTI is proficient in industry standards from ISO, NIST, IEC/ISA, and US DoD, and can tailor a solution to meet any regulatory or compliance directives under which a business operates.

Key Management

While many systems offer encryption only, we consider and solve the complex key management issues needed to maintain security over a system’s lifetime. 3eTI only uses secure validated key generation, distribution, and authentication mechanisms for our cryptographic services, and the process is entirely owned and controlled by the customer.

System Integration

All of our products are interoperable with industry standard SIEM, network management, and situational awareness tools, ensuring that our solutions fit within any existing security solutions. We bring the capability to monitor, detect, and react to security incidents previously hidden from view. Cyber security can now extend beyond the PC all the way to the critical machines and devices at the edge.

OEM Integration

3eTI’s compact CyberFence OEM Modules offer certified security in an even smaller package — easy to connect into any demanding OEM application. 3eTI also leverages strategic partnerships to embed 3eTI’s core cyber security technology into their platforms.


Copyright ©2015 Ultra Electronics, 3eTI. All Rights Reserved. 111915-0039713 Key West Avenue · Rockville, MD 20850 · +1 800 449 3eTI · www.ultra-3eti.com