Industrial security agent platform
First Claim
1. A system comprising:
- an enterprise network;
one or more operational technology networks, each operational technology network including one or more controller devices, each controller device operable to control one or more operational devices within an operational technology network;
for each of the one or more operational technology networks, a respective site security server and a respective security relay server, the site security server being a node on a perimeter network, the security relay server being a node on its respective operational technology network, and being operable to facilitate secure communication between the one or more controller devices of the operational technology network and its corresponding site security server, wherein the security relay server includes, for at least one controller device, a corresponding device emulator that is configured to handle communications with the at least one controller device when the at least one controller device is incapable of performing a cryptographic function; and
a management server, the management server being a node on the enterprise network and being operable to communicate with each site security server.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods, and apparatus, including computer programs encoded on computer storage media, for facilitating secure communication. A system for facilitating secure communication includes an enterprise network, one or more operational technology networks, and a management server. Each of the operational technology networks can include one or more controller devices operable to control one or more operational devices, and can include a respective site security server and a respective security relay server. The security relay server can be operable to facilitate secure communication between controller devices of the operational technology network and its corresponding site security server. The management server can be a node on the enterprise network and can be operable to communicate with each site security server.
138 Citations
20 Claims
-
1. A system comprising:
-
an enterprise network; one or more operational technology networks, each operational technology network including one or more controller devices, each controller device operable to control one or more operational devices within an operational technology network; for each of the one or more operational technology networks, a respective site security server and a respective security relay server, the site security server being a node on a perimeter network, the security relay server being a node on its respective operational technology network, and being operable to facilitate secure communication between the one or more controller devices of the operational technology network and its corresponding site security server, wherein the security relay server includes, for at least one controller device, a corresponding device emulator that is configured to handle communications with the at least one controller device when the at least one controller device is incapable of performing a cryptographic function; and a management server, the management server being a node on the enterprise network and being operable to communicate with each site security server. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer-implemented method for facilitating secure communication, the method being executed by one or more processors and comprising:
-
providing, for presentation at an interface device, identification information related to controller devices of an operational technology network; receiving, from the interface device, a request for additional information related to each controller device of a selected subset of controller devices of the operational technology network; for each controller device of the selected subset of controller devices, generating a query corresponding to the request for additional information, including; (i) examining content associated with the request for additional information; (ii) determining that the request for additional information is of a valid format and that one or more parameters associated with the request are valid parameters; and (iii) translating the request for additional information into a query format that is recognizable by the controller device; encrypting the generated query and providing the encrypted query to a security relay server for the selected subset of controller devices, wherein the security relay server includes, for at least one controller device of the selected subset of controller devices, a corresponding device emulator that is configured to handle communications with the at least one controller device when the at least one controller device is incapable of decrypting the encrypted query, encrypting additional information, or both; receiving encrypted additional information related to the selected subset of controller devices, from the security relay server; and decrypting and providing additional information related to the selected subset of controller devices for presentation at the interface device. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer-readable storage medium coupled to one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations for facilitating secure communication, the operations comprising:
-
providing, for presentation at an interface device, identification information related to controller devices of an operational technology network; receiving, from the interface device, a request for additional information related to each controller device of a selected subset of controller devices of the operational technology network; for each controller device of the selected subset of controller devices, generating a query corresponding to the request for additional information, including; (i) examining content associated with the request for additional information; (ii) determining that the request for additional information is of a valid format and that one or more parameters associated with the request are valid parameters; and (iii) translating the request for additional information into a query format that is recognizable by the controller device; encrypting the generated query and providing the encrypted query to a security relay server for the selected subset of controller devices, wherein the security relay server includes, for at least one controller device of the selected subset of controller devices, a corresponding device emulator that is configured to handle communications with the at least one controller device when the at least one controller device is incapable of decrypting the encrypted query, encrypting additional information, or both; receiving encrypted additional information related to the selected subset of controller devices, from the security relay server; and decrypting and providing additional information related to the selected subset of controller devices for presentation at the interface device. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification