Simplified identity management
Less dependence on IT for SCADA controls
Network bandwidth capacity improvement
Secure remote access
SCADA network redundancy
Shared customer control provisioning
Identity management overlay transparent to existing infrastructure
HIPswitch protects each pipeline-metering skid
Replaced next-gen firewalls and VPNs
Anytime, anywhere contractor access to authorized SCADA controls
OT provisioning freedom
Reduced IT support workload
Recovered network bandwidth through broadcast storm reduction
In a world where cyber-attacks are becoming daily occurrences, there is a growing concern about attacks on supervisory control and data acquisition (SCADA) systems that could endanger thousands, even millions of citizens.
SCADA is what allows organizations to control and monitor mechanized processes locally or remotely. It’s the backbone of many modern industries including energy, food and beverage, manufacturing, oil and gas, power, recycling, transportation, water, and waste-water—in other words, services that keep society up and running. Most troubling, an attack on SCADA systems could become life threatening if, for instance, it shut down a town’s water supply or crippled its power distribution infrastructure.
A leading North American provider of oil and natural gas services recently failed an infrastructure security audit.
Both the operational technology (OT) and information technology (IT) teams were aware of the many problems but, as with many businesses, department objectives, processes, and budgets were not aligned. OT provisioning and change requests took a long time to process, raising tension between the teams, while the problems sat unaddressed.
"Tempered Networks gave us a simple way to achieve end-to-end private networking for our Building Automation network that’s resilient, scalable, and secure. In less than 20 minutes, we were able to deploy our first cloaked overlay network without having to modify systems or involve IT."
Tom Walker, Environmental Systems
Design Specialist at Penn State University
The company signed a contract with a well-known global management consulting company to design a solution. It mainly consisted of next-generation firewall and VPN technology. But OT remained unconvinced, seeing that approach as overly complicated and expensive. Furthermore, IT would have to remain involved, exacerbating trouble ticket responsiveness.
Enter Tempered Network’s Identity-Defined Networking (IDN) solution.
IDN is a secure networking architecture based on centralized orchestration of crypto-IDs, where only verified, trusted endpoints can communicate with each other. With IDN, connection, segmentation, encryption and cloaking of critical assets and networks is flexible, secure, and simple. Best of all, IDN is deployed as a transparent overlay to existing network infrastructure—no rip and replace.
IDN enabled much-needed security and operational control at a fraction of the cost of traditional NGFW/VPN approaches. Fundamental problems were solved immediately with micro-segmentation and Layer 3 routing became configurable with no impact to existing Layer 2 infrastructure. And, OT was able to take control of network adds, moves, and changes.
Seeing the promise and possibilities after deployment, IT decided to adopt IDN for an OSPF implementation that improved the efficiency of the radio network.
The project made use of HIPswitches, provisioned at each pipeline-metering skid. Since HIPswitches only allow identity-defined inbound connections, all network switching infrastructure behind them were cloaked from unauthorized view, heightening security. And field techs—using trusted, verified devices—can access the control network from a car or the field, anywhere, anytime.
With Tempered Network’s IDN, OT service level has reached new heights. The client passed the next audit with flying colors and is far more secure against a potential SCADA attack—all at a fraction of the cost of traditional networking solutions.
Experience the same simplicity, security, and cost-savings