CyFENCE is a DMZ that integrates all the security services protecting an industrial system.
It consists of hardware and integrated software configured by Cybelius for industrial systems.
The different security functions offered by CyFENCE are :
- Authentication management (LDAP, Active Directory)
- Control of access paths to zones and equipment
- Management of remote access of any kind
- Management of automatic or manual updates
- Creation of security records linked to CyFENCE services
- Collection of logs and system security events for communication with SOC / SIEM
- Automatic or manual backup and restore, detection of differences between versions
- Protocol breaks on critical exchanges.
- CyFENCE triggers in the event of inbound and outbound communication breaks and secures an existing system minimising the impact.
- CyFENCE is modular and contains the functions the customer needs.
- CyFENCE exists as a redundant version for availability requirements.
- Thanks to its positioning between IT and OT, CyFENCE enables the extension of IT security services to OT (Anti-virus, authentification, logging…)
- CyFENCE is compliant with the ANSSI-PA-044 guide.
CyFENCE is a product integrated with IT and OT technologies, selected and mastered by Cybelius. The criteria taken into account are the quality of the protection, confidence, the simplicity of implementation, and relevance for the OT world.
- Firewall: based on specialised distributions.
- Security server: management of authentication, integrity, and encryption.
- Data management: secured file transfer, encryption, back-up and restore, encrypted records of any kind.
- CyFENCE always has a firewall on the IT side and a firewall on the OT side of a different technology.
- The firewall on the IT side can be replaced by a model imposed by the customer.
- The management of paths between IT and OT is controlled exhaustively.
Cybelius can assist the customer with the modifications required to their equipment for the implementation of the CyFENCE security services. The administration of CyFENCE is operated via a single interface developed by Cybelius.
- CyFENCE is positioned as a break of the incoming and outgoing links of the system to be protected, thus making a fence ensuring in depth defence.
- Cybelius manages the configuration, implementation, maintenance and eventual administration of CyFENCE.
- CyFENCE is implemented according to customer requirements for assembly and configuration. Factory tests are followed by a site reception and a functional check. The changes to the system are defined and supervised by Cybelius.
CyFENCE consists of a cabinet or a 19-inch industrial chassis, from 18U to 42U depending on the functions delivered. CyFENCE has its own UPS.
CyFENCE is marketed for initial sale and annual operating license and optional services.
CyFENCE respects the ANSSI-PA-044 guide.