Industrial Control Security

Host security hardening system

A kernel-level, cross-platform security product. It enhances the protection capabilities of the operating system by applying technical means such as security tagging, access control, and integrity protection. This system can effectively resist external attacks and internal information leakage, and fully complies with the requirements of the Cybersecurity Law 2.0 standard.

Meets the requirements of the Cybersecurity Law 2.0

Provides mark-based mandatory access control to support the security protection of various important resources of the operating system. Provides illegal external probing to prevent information leakage, and ensures the integrity of the system and the safe use of resources.

Equipment control is more precise

It adopts a whitelist mechanism to support the control of USB devices based on device category, supplier ID and product number, and also provides management and control of network access methods such as 5G network cards, wireless hotspots, wireless network cards and dial-up connections.

More comprehensive and systematic protection

By adopting a whitelist control mechanism, the system operation environment can be solidified with one click, achieving protection upon installation. The system supports the shared deployment of program whitelisting and employs its unique patch tracking technology and intelligent update capture technology to ensure the secure update of software.

Superior platform compatibility

Supports Windows 2000 to Windows 11 operating systems, mainstream Linux systems such as RedHat, CentOS, Ubuntu, and SUSE, as well as domestic operating systems like Kylin, UnionTech, Ningsi, Hunan Kylin, and OpenEuler.

USB Security Management System

A professional-level mobile storage security control product, it realizes the full life cycle security management of USB devices through core functions such as device authentication, access authorization, virus scanning and removal, and operation auditing. This system, while ensuring convenient file transfer for users, can effectively curb the risk of virus spread, guarantee the security and reliability of data transmission, and provide

Whitelist-based device access control

Based on the unique identification of the device, USB mobile storage devices are authorized to access the network to achieve secure access control of USB storage devices.

File blacklist and whitelist control

Supports setting file whitelists based on file suffixes and characteristic values, and automatically blocks high-risk files. Supports setting blacklists for file suffixes.

Device virus scanning and removal

Utilizing a professional virus database, it automatically scans USB mobile storage devices inserted into the system for viruses, and issues alerts for, isolates or deletes the detected virus files.

Diverse access methods

Resources on USB mobile storage devices can be accessed through WEB, FTP, SFTP, UNC, OTG, dedicated C/S clients, etc., to meet the requirements of various new and old system usage environments.

Industrial firewall

SCIYON industrial firewall is a boundary protection product specially designed for industrial control systems. It achieves effective isolation between security domains by deeply analyzing industrial protocols, identifying threat characteristics, and applying trusted whitelist technology, and provides protective measures against internal and external network attacks.

More comprehensive in-depth analysis of industrial control protocols

It can recognize nearly a hundred industrial protocols. It is compatible with OPC, Modbus, Profibus, Siemens S7, EtherNet/IP, IEC104, DNP3, IEC61850, Profinet, etc. It conducts in-depth analysis of over 30 mainstream industrial protocols and supports the adaptation of private protocols in a customized manner.

More precise control of industrial control instructions

Supports precise instruction control at the value range level for mainstream industrial control protocols, such as function codes, register values, data types, service codes, etc.

Stronger network adaptability

Supports deployment in transparent mode and routing mode. In routing mode, it supports static routing, dynamic routing (OSPF), and policy-based routing. It also supports both test mode and working mode simultaneously.

Industrial control security audit system

A bypass-deployed industrial network security monitoring product. It utilizes deep analysis technology of industrial control protocols to monitor network traffic in real time and identify abnormal behaviors (including abnormal traffic, illegal access, non-compliant operations, etc.).

Precise identification and in-depth analysis of industrial control protocols

Accurately identifies nearly a hundred industrial control protocols. It is compatible with OPC, Modbus, FINbus, Sie

Comprehensive audit of business operation behaviors

Record in detail the operation behaviors in industrial control, such as instruction changes, load changes, configuration changes and other instruction-level operation data.

Real-time business interruption alarm

Continuously monitors the communication status of designated industrial protocols and issues real-time alarms for traffic interruption events that affect business continuity.

Real-time alerts for abnormal network status

Real-time monitoring of the operational status of industrial control networks, automatic learning of normal communication rules, establishment of trusted behavior baselines, and real-time alerts for abnormal instructions and behaviors in the network.

Log audit and analysis system

SCIYON Log Audit and Analysis System is a log management product specifically designed for industrial control. It supports the collection of logs from multiple sources and conducts big data correlation analysis to realize the traceability and audit evidence collection of security incidents.

More comprehensive log collection

The system offers multiple methods for log collection, including TCP, UDP, SYSLOG, SNMP, FTP, SFTP, WMI, etc. It can intelligently identify log information generated by various routers, switches, firewalls, application systems and other devices.

The correlation analysis algorithm is more advanced

By using big data analysis algorithms and non-relational databases, and through full in-memory operations, complex correlation analysis and time series correlation analysis processing are conducted on event information.

Big data search technology, rapid traceability

By adopting big data search technology, vertical search engines are used to efficiently retrieve disordered information. Inverted indexing and event-related scoring mechanisms are employed to enable real-time retrieval of logs of hundreds of millions of scale on a single device.

Rich custom reports

The system pre-sets a wide variety of reports and various event sections for thematic data analysis based on different business scenarios, providing efficient and intelligent report generation tools. It easily integrates multi-source data to form a comprehensive data perspective for the entire bureau and control the overall network situation.

Industrial control intrusion detection system

A bypass-deployed industrial network security monitoring product. It can identify network attack behaviors in real time through protocol analysis and an intrusion detection engine. This system works in conjunction with the firewall to form a complementary protection mechanism, which can meet the requirements of level protection.

Stronger security detection capabilities

By pre-setting detection rules, it can detect various types of attack behaviors such as Trojans, worms, botnets, buffer overflows, DDoS attacks, scanning and hijacking, etc.

Deeper analysis of industrial control protocols


The threat feature library is more complete

The system has built-in feature libraries for various industrial control protocols and vulnerability and feature libraries for multiple industrial control vendor products, with over 8,600 types

Massive application identification library

The system supports an application identification library, which can automatically identify over 2,000 mainstream network applications. It also supports file type recognition and deep content detection.

Vulnerability scanning system

It is equipped with built-in device fingerprint recognition technology and a vulnerability database. This system is capable of conducting comprehensive scanning and detection of industrial control equipment and their systems, aiming to provide detailed security reports and targeted repair suggestions.

More accurate vulnerability detection

It integrates industrial control equipment, system, database, password, video security, image detection, etc., and comprehensively and accurately identifies vulnerability risks, security configuration flaws and other security vulnerabilities in industrial control networks.

Less destructive scanning

The vulnerability scanning system supports non-destructive detection technologies such as asset fingerprint recognition, non-destructive industrial control vulnerability scanning, and asset security vulnerability matching.

More abundant vulnerability knowledge base

The vulnerability knowledge base is compatible with mainstream standards such as CVE, CNNVD, and CNVD, and holds over 160,000 vulnerability entries, among which more than 4,000 are dedicated to industrial control.

Operation and maintenance security audit system

By monitoring the operation of network and security devices, centralized management of accounts, high-intensity authentication, permission control, and protocol auditing are achieved to ensure the manageability, controllability, and traceability of the entire operation and maintenance process.

More comprehensive support for operation and maintenance scenarios

Supports operation and maintenance auditing of character terminals based on TELNET and SSH protocols; supports auditing of file transfer operations such as SFTP, FTP, RDP disk channels, and clipboard; supports auditing of operation and maintenance operations of application terminals such as WEB applications and virtual machine applications, etc.

More centralized management of privileged accounts

It supports centralized management of privileged accounts in the managed system, reducing the risk of account information leakage and achieving minimal access control. The system supports periodic automatic password changes for accounts, reducing the risk of privileged accounts being brute-forced.

More real-time operation and maintenance process control

It supports control over character operation (SSH/TELNET protocol) commands or command sets.

Work order management

The system has a built-in electronic work order function, which allows maintenance personnel to fill out work orders online. Once the work order is approved, the maintenance personnel can immediately obtain the corresponding access permissions.

Supports automated operation and maintenance

For repetitive maintenance tasks, it supports pre-defined scripts and tasks, which are executed automatically on a regular basis.

Security Management System

SCIYON Security Management System is an integrated management and control platform that effectively eliminates information silos and enhances the overall security defense capabilities of industrial control networks by centrally managing security devices, policies, and logs and performing comprehensive analysis.

Unified management of security equipment

It centrally manages industrial control security products and supports equipment information maintenance, equipment status monitoring, security policy configuration, and equipment log collection for all devices within the industrial control network.

Flexible and diverse policy configurations

It supports single-point configuration, batch application, and template-based management, and allows for differentiated security policy configuration through security domain division. The system can provide relevant suggestions based on the detection of the industrial control system's network.

Access Management

It supports custom user roles, allowing users to configure different roles with different access permissions as needed to achieve hierarchical user management; it also supports security domain management, allowing different security domains to be divided according to the enterprise's organizational structure, with different users having access permissions to security devices within different security domains.

Visualizing network topology

It can actively or passively identify network assets, support custom editing of network nodes and network layers, and realize visualization of industrial control network topology.

Extensive security policy knowledge base

The system has a rich built-in risk knowledge base and security policy rules, and users can customize the thresholds, risk levels, keywords, and other conditions for various security event indicators.