Secure Networking for
Energy Systems

Easily connect and micro-segment Industrial Control Systems (ICS) and SCADA networks across geographically distributed areas – at lower cost than any alternatives

We deliver a simpler approach to securing and isolating your critical infrastructure based on trusted machine identities. Eliminate the need for internal firewalls and VPNs for secure access and segmentation with a single solution that is fast to deploy and radically secure.

50% Lower CapEx and 
OpEx through ICS 
network simplification

Time

Connect and Revoke Devices 
97% Faster, with little to
no network changes.

Segmentation

90% Reduced Attack
Surface through cloaking,
and micro-segmentation

Segmentation alternatives for campus 
networks are complex and costly

line

Connecting modern and legacy energy systems (including substations, valve vaults, PLCs, RTUs, and more) is crucial to maximize operational efficiency through better data and automation. However, energy organizations often have highly distributed remote sites in sometimes extreme environments, where connectivity options are limited. Deploying secure connectivity and managing the network for each of those remote sites is significantly costly and complex.

The lack of good solutions forces organizations 
to deal with issues such as:

Critical up-time and bandwidth issues with legacy communications such as expensive microwave radio

Reduced security due to lack of segmentation and native encryption

Providing secure mobile connectivity for technicians on the road and segmented access for vendors

Traditional IT solutions are not the answer. Technologies such as firewalls, VPNs, ACLs, and VLANs were not designed for energy environments. They require significant time and expertise to deploy and manage, yet still remain vulnerable to breach due to insufficient security and segmentation.

We have a better solution that solves these challenges.

Simple, secure, and segmented
energy networks

line

We deliver peer-to-peer encrypted networks that make it simple to connect and micro-segment energy systems across a highly distributed environment.

With a simple plug-and-play deployment model, you can now eliminate the many complex and time-consuming steps required to deploy and manage firewalls and VPNs. Reduce connectivity costs, increase security, improve network up-time, and future proof your energy networks for additional IoT elements such as IP cameras for example.

Strong Security

Easily isolate and segment ICS/SCADA off the corporate network

Upgrade Legacy Communications

Easily deploy inexpensive and secure cellular connectivity using a public APN

Segmentation

Secure VPN-Less Access

Reduce costly travel with network access from anywhere, anytime

Simple and fast deployment

line

Most customers will deploy hardware such as the Airwall 250 at remote sites in order to cloak and segment energy systems. The Airwall 250 features dual cellular modems, so they can now failover to and between different cellular providers if the wired WAN connection fails, improving availability and up-time.

The Airwall relay is the world’s first identity-based router that connects systems and buildings across separate networks, and can be deployed on-premises or in the cloud.The Conductor is the orchestration engine that manages policy for all distributed Airwall services (Airwall appliances, Airwall servers, and Airwall clients), delivering simple control of the network.

A Simplified Network Diagram
A Simplified Network Diagram

The Airwall Conductor delivers simple and 
centralized network control 


Eliminate the complex and manual configurations associated with traditional IT solutions through simple point-and-click policy orchestration. Create, deploy, and disconnect overlay networks in seconds, with little to no change to existing network infrastructure.

Setting Policy Image
Setting Policy

Policy Orchestration That’s Point-and-Click Simple

Easily create isolated network segments and configure policy using the radio buttons. This simple process replaces the multiple steps of security and network configurations (using network addresses, ports, certificates, ACLs, and VLANs, and more) typically required by IT staff.

Visualizing Policy

Verify Overlay Network Configuration and Compliance Quickly and Easily

The Visual Trust Map allows you to immediately validate communication policy between protected machines, as well as their Airwall Services. With greater control of your network, showing segmentation for regulatory compliance reporting and security audits becomes quick and easy.

Visualizing Policy Image
Education Guide

5 Common Micro-Segmentation
Mistakes Guide

Start your
micro-segmentation project on the right foot

Customer Use Case

Smart Buildings

Learn how Penn State
University securely connected and isolated 640 buildings

Customer Use Case

IIoT Microsegmentation
at Sea

Learn how one of the world’s largest cruise lines connected and secured its entire fleet’s maritime systems