Industrial firewall closes security gap disclosed by SSA-542701
Essentially, the gap is the open TCP port 10005, which allows an attacker to access critical functions and data without authentication.
Another weak point is the use of a static crypto key (3DES) that can be reconstructed from the LOGO! 8 programming tool. Whoever has network access to port 10005 can read out all passwords and read and change the device configuration. Plant operators are strongly advised to take external measures to prevent unauthorized access to the controller.
The self-learning industrial firewall mbNETFIX from MB connect line is ideally suited for this purpose. It serves to secure and segment industrial networks and is especially adapted to the mode of operation in the industrial automation environment. In learning mode, the firewall records all connections. Based on the recorded packet table, you decide which connections are permitted and block all others. With regard to LOGO! 8, you can use a so-called whitelist to determine which communication partners the controller requires. All other network requests are blocked. To control the data traffic, the firewall can separate permitted from prohibited traffic on the basis of the source MAC/IP addresses, the destination MAC/IP addresses and the ports.
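The learn-then-whitelist workflow described above, modelled as an added Python example; it is not mbNETFIX code or configuration. All addresses, the second port and the function names are constructed for illustration; only TCP port 10005 comes from the text.

```python
from collections import Counter
from typing import NamedTuple

LOGO_IP = "192.168.10.20"   # constructed address for the LOGO! 8 controller
LOGO_PORT = 10005           # TCP port named in the text above

class Flow(NamedTuple):
    src_mac: str
    src_ip: str
    dst_ip: str
    dst_port: int

# Constructed sample of a learning-mode packet table (not real capture data).
LEARNED = [
    Flow("00:1b:1b:aa:00:01", "192.168.10.5", LOGO_IP, LOGO_PORT),   # engineering PC
    Flow("00:1b:1b:aa:00:01", "192.168.10.5", LOGO_IP, LOGO_PORT),
    Flow("00:1b:1b:aa:00:02", "192.168.10.6", LOGO_IP, 502),         # HMI
    Flow("3c:52:82:bb:00:09", "192.168.10.77", LOGO_IP, LOGO_PORT),  # unknown host
]

def summarize(learned):
    """Collapse the recorded table into unique flows with hit counts for review."""
    return Counter(learned)

def build_allowlist(learned, approved_macs):
    """Keep only learned flows whose source MAC the operator has approved."""
    return {f for f in set(learned) if f.src_mac in approved_macs}

def needs_review(learned, approved_macs):
    """Learned flows to port 10005 from sources the operator did not approve."""
    return sorted({f for f in learned
                   if f.dst_port == LOGO_PORT and f.src_mac not in approved_macs})

def decide(flow, allowlist):
    """Default deny: a flow passes only on an exact match of every field."""
    return "ALLOW" if flow in allowlist else "DROP"

if __name__ == "__main__":
    approved = {"00:1b:1b:aa:00:01", "00:1b:1b:aa:00:02"}
    allow = build_allowlist(LEARNED, approved)
    for f in needs_review(LEARNED, approved):
        print("review before enforcing:", f)
    # Same IP as the engineering PC but a different MAC: no exact match, so dropped.
    wrong_mac = Flow("3c:52:82:bb:00:09", "192.168.10.5", LOGO_IP, LOGO_PORT)
    print(decide(LEARNED[0], allow), decide(wrong_mac, allow))
```

The point of the review step is that learning mode records whatever was on the wire, including connections to port 10005 that the controller does not need, so the table has to be pruned before it becomes the whitelist.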
For more information on the mbNETFIX Industrial Firewall, please send us an email: info@controlsynergy.rbdev.com.au
Or call us on (02) 4966 5211