Protecting SCADA systems with BOUNCER by CoreTrace
Supervisory Control and Data Acquisition (SCADA) or Distributed Control System (DCS) networks are large, distributed systems responsible for automatic control of everything from refineries to railway signals. These systems are critical to the safety of national power grids, petrochemical facilities, and commuter and freight transit. These critical points of control must be forcefully protected at all times.
When SCADA systems were largely on specialized operating systems and legacy mainframes, they were by default safer from intrusion. Now, however, they run on general-purpose operating systems that are far more vulnerable. BOUNCER is an endpoint security and control solution designed to protect the configuration and integrity of critical systems — without the large performance impact that traditional endpoint security systems have generated. Residing in the operating system kernel makes BOUNCER the most tamper-proof solution available for RTU, MTU, and HMI systems.
BOUNCER allows a SCADA system to be quickly scanned, and an automatically generated policy can be applied to lock the applications, data configuration files, or both. Importantly, for SCADA systems, the entire process never requires the endpoint to reboot. There's no need to sacrifice availability for endpoint security.
Once in place, the approved configuration cannot be changed, not even by a user with Local Administrator privileges on the system. Changes can only be effected through the BOUNCER console.
Many SCADA systems have never been secured because of the huge performance impacts of traditional blacklist scans. The BOUNCER endpoint security solution will not eat up your system memory. BOUNCER typically takes up around 20 MB of disk space, and uses less than 2 percent of the system's CPU.
Additionally, BOUNCER does not need to be updated and patched like traditional endpoint security based around blacklisting. Once the whitelist of known files is created from the SCADA system, the system is locked into that configuration, with no need for patching every time a new threat is revealed. Whenever a new version of your SCADA software is deployed, updates to BOUNCER's whitelist are quick and do not require rebooting.
As an extra layer of protection from the same client, BOUNCER's built-in network filter controls access to the system through a variety of parameters, including IP address, protocol, or port.