Embedded Firewall

Feb. 27, 2013
The Floodgate Defender firewall is designed to provide security for any device connected to the Internet.

Most discussions of firewalls as part of a defense-in-depth security strategy focus on deploying the firewall to control access to the industrial network. But taking the defense-in-depth concept to the next level suggests that outfitting any device connected to the Internet with its own firewall would provide an added layer of protection.

Icon Labs, a provider of embedded networking and security technology, now offers a product that can provide device-level firewall protection. The Floodgate Defender firewall appliance is placed between the Internet and the device and can be configured with the communication policies particular to the device it is protecting.  According to Icon Labs, Floodgate Defender enforces the device communication policies, blocking attacks before a connection can be established with the target device. 

“Floodgate Defender provides: rules-based filtering to define what packets are allowed and blocks packets at the lowest layers in the IP stack; stateful packet inspection to block packets on the state of connection as well as unapproved packets that originate from the network; and threshold-based filtering to block packet floods,” says Alan Grau, president of Icon Labs. He adds that Floodgate Defender also supports whitelisting and blacklisting by IP address, port or protocol.

Though Floodgate Defender can be retrofitted to existing devices that are or can be connected to the Internet, Icon Labs expects the device to garner a great deal of interest from OEMs who can use the device to embed security within their products.

Grau says that although retroactive security devices have been around for years, most have been designed for specific applications or around SCADA-specific protocols and are not intended for general-purpose use.  But with the growing level of attacks on embedded devices, the need for this level of protection is becoming increasingly necessary. In our discussion, he cited a 2010 Columbia University Intrusion Detection Systems Lab study that shows a 102 percent annual growth in attacks on embedded devices. The study also shows that embedded devices are 15 times more vulnerable to attacks than enterprise systems because embedded systems typically don't have defense-in-depth applied, as do most enterprise systems.

“The device firewall concept is simple,” Grau says, “ you just control what the device talks to. Of course, authentication can handle a lot of this, but that can be hacked. By controlling who and what the device can talk to, you can prevent the vast majority of attacks before they get started.”

Floodgate Defender MSRP pricing starts at $995. Discounts are available for volume orders.

Read more about Floodgate Defender and predictions for greater industrial cyber security involvement by major safety groups.

About the Author

David Greenfield, editor in chief | Editor in Chief

David Greenfield joined Automation World in June 2011. Bringing a wealth of industry knowledge and media experience to his position, David’s contributions can be found in AW’s print and online editions and custom projects. Earlier in his career, David was Editorial Director of Design News at UBM Electronics, and prior to joining UBM, he was Editorial Director of Control Engineering at Reed Business Information, where he also worked on Manufacturing Business Technology as Publisher. 

Sponsored Recommendations

Put the Plant Floor in Your Pocket with Ignition Perspective

Build mobile-responsive HTML applications that run natively on any screen.

Ignition: Industrial-Strength System Security and Stability

Ignition is built on a solid, unified architecture and proven, industrial-grade security technology, which is why industrial organizations all over the world have been trusting...

Iron Foundry Gains Competitive Edge & Increases Efficiency with Innovative Technology

With help from Artek, Ferroloy implemented Ignition to digitally transform their disconnected foundry through efficient data collection and analysis while integrating the new ...

Empowering Data Center Growth: Leveraging Ignition for Scalability and Efficiency

Data center growth has exploded over the past decade. Initially driven by organizations moving their computer assets to the cloud, this trend has only accelerated. With the rise...