Next Generation Firewalls with Deep Packet Inspection (DPI) capabilities are now mainstream products for IT protocols. Unfortunately, designers and operators of industrial control systems (ICS) have not had access to these advanced technologies to protect their critical communications that involved protocols such as EtherNet/IP™. This is a serious problem. Mission critical control systems need DPI technology even more than IT systems do. This paper discusses the creation of a DPI firewall for EtherNet/IP and Common Industrial Protocol (CIP™), and the lessons learned in the process. It explores why DPI is needed for control security, what is available today, and the challenges going forward. This paper looks at the technical issues in creating an EtherNet/IP DPI firewall that is useable and the solutions that are emerging. The paper closes with a case history of the use of an EtherNet/IP DPI firewall.
Paper and presentation from the 2014 ODVA Industry Conference & 16th Annual Meeting
Eric Byres, Chief Technology Officer
Erik Schweigert, Lead Embedded Systems Developer
Michael Thomas, Lead Systems Developer
Tofino Security, a Belden Brand