fixed-function devices that can't be upgraded to add security;

devices that use obsolete operating system (OS) versions that are insecure and can't be upgraded;

real-time OS-based devices that were designed before security was a critical concern and therefore lack sufficient security;

designed for use on private networks but are now connected to the Internet.

Prevent probes and hacking drones from discovering endpoints. Hackers and automated drones send out ping requests or other messages to a range of IP addresses looking for responses. The appliance drops these requests making the endpoints undiscoverable.

Prevent access from unauthorized machines. Many fixed function devices only need communicate with a few known, trusted hosts. Enforcing these communication restrictions prevents communication with unauthorized machines. If a hacker can't communicate with the endpoint, they can't compromise it.

Close security loopholes. Many cyberattacks utilize services on an endpoint that aren't required for fixed function devices. Blocking unused ports and protocols closes these commonly exploited security loopholes.

Protect against denial of service attacks. By controlling whom the endpoint talks to, DoS attacks are blocked before they reach the endpoint. The endpoints are shielded from malicious traffic and traffic floods, ensuring continued operation even when the network is under attack.

Protects against insider attacks and malware on the corporate network. Endpoints within the secure enclave are sheltered from malicious packets that may be present on the corporate network. With communication restricted to a small set of trusted hosts, malware, insider attacks, or any other malicious activity is blocked. An insider attempting to hack an endpoint from outside the corporate network or from any non-trusted machine will also be blocked, preventing the attack.

Quarantine infected or compromised machines. If the appliance provides bidirectional filtering, it will enable any endpoint infected with malware or compromised by hackers to be quarantined, limiting damage from the attack.

Enhance security for endpoint devices. Fixed function devices, SCADA machines, and other critical endpoints can be grouped into a secure enclave. The communication policies for these machines can be more restrictive than the general policies for the rest of the network. This allows a higher level of security to be enforced for the critical devices on your network. Even if the front end of the corporate network is breached, the individual endpoints are still safe.

Mobile Machine Monitoring

RF Trends in the Alarm & Security Market

Scaling Network Infrastructure: A Security Focus

Datacenter Security: Is Protection at the Building & Room Enough?