Isolates your PLC or OT network from your IT network without losing HMI visibility
Terafence’s MBsecure+ hardware is designed to physically isolate IIoT units like PLCs and sensors from the secure IT network, ensuring only relevant SCADA information is passed unidirectionally from the edge infrastructure to the HMI. This high-capacity unit can connect over 200 devices and supports a wide range of industrial protocols. At no time is there network access to the PLC or other industrial device available from the HMI network side. The MBsecure+ effectively acts as a bridge that sits between network segments of varying security classifications, protecting against potential hacks of the most sensitive elements of IIoT systems.
- Securing SCADA/ICS communication protocols
- Protecting networks with disparate security levels
- Hack-proof PLC-HMI isolation
THE Terafence MBSecure+ Features:
- PLC is secure from attacks at OSI Layer-1, physical link.
- SCADA data is collected from PLC and is made available to the HMI for collecting.
- PLC read/poll command interval is configurable for maximum accuracy.
- Near Zero (30μs on average) latency through the unit.
- HMI restriction – only configured HMI units may request data.
- Unit is a network device/bridge, not a service or an application server.
- Unit configuration is available only via the PLC side (WEB GUI).
- No access from the HMI to PL.
Find out how Terafence MBsecure+ can protect your organisation’s critical industrial assets without sacrificing the efficiency of your industrial control systems
How it works:
- Terafence MBsecure+ gateway acquires the data from the sensors and PLCs over TCP/IP and then forwards the data out of band via Terafence secure command channel to the HMI.
- Terafence MBsecure+ gateway ensures that there is no network access between the PLC and HMI.
- The isolation of the PLC and sensors is at the physical and data layers (OSI Layers 1 and 2)
- ISOLATION is achieved via Terafence hardware-based Smart Air Gap Controller.