In recent years, increased cybersecurity incidents have been crippling critical infrastructure and harming businesses. Some are targeted attacks, such as ransomware attacks; however, some are non-targeted incidents, such as contamination through malware that gains access to an unauthorised computer and spreads to the whole industrial control network. Taking the approach of creating zone-basis industrial network architecture can reduce the damage. In the meantime, cybersecurity experts are also proposing more proactive actions to protect industrial networks. These actions can be realised by an industrial intrusion prevention system (IPS), which can effectively counteract intrusions and reduce their impacts on industrial systems.
What is an IPS?
An IPS is a form of network security designed to detect and block identified threats by constantly monitoring networks, looking for possible malicious cyber-incidents and logging information about them. It features deep packet inspection (DPI) technology, enhancing network security visibility, and ultimately helps mitigate risks and protect industrial networks from security threats.
Industrial IPS Tailored for Industrial Networks
Although IPS technology has worked very well on IT networks for a while, it is difficult to directly deploy an IPS in OT networks because the first priority of OT networks is availability and performance, while the first priority of IT cybersecurity is confidentiality.