«Аrкаn» – comprehensive protection of industrial enterprises against attacks at all levels of ACS TP

«3 whales» of ACS TP insecurity
Attacks aimed at lower levels of ACS TP ( PLC levels and field devices) bear the worst consequences
Many such attacks become possible due to the fact that the SCADA level is connected to corporate networks and the Internet. It is through them that attackers gain access to the lower levels
At the same time, the perimeter of the automated process control system and the communication channels within the organization most often remain unprotected
Complex solution «Аrкаn»
attack detection module at all levels ACS TP with the possibility of their blocking

Security Problem Solving possible in real-time monitoring (intrusion detection systems) blocking (firewall) it is also possible their combination at different levels of ACS TP

Levels of ACS TP
Multifunctional firewall
Control system «Аrкаn-К» –
setup and solution management
and receiving reports through a single interface
Certification FSTEK Russia
Corresponds to the documents of FSTEC of Russia
Protection profile of intrusion detection systems of network level fourth class of protection IT.SOV.S4.PZ - class 4
Protection profile of firewall systems of the fifth class of the IT.ME.S4.P4 protection class - class 4, type D
About the work of «Аrкаn»
Filtering by industrial protocols including Modbus, IEC60870-5-104, DNP3, OPC UA, OPC DA, etc.
Processing information from the channel, network, transport and application levels
The ability to scale to the entire production network of the organization: the user can connect any number of «Аrкаn-М» devices Information exchange
Analysis of all events and convenient graphical reports through a single interface «Аrкаn-К»
with any SIEM system via Syslog
Detection and blocking of attacks at all levels of ACS TP
Protection at all levels of APCS
Combines the functions of a firewall and intrusion detection system, which allows you to successfully close more than 10 attack vectors at different levels of the process control system

In monitoring mode or active protection

«Аrкаn-М» can work in a passive or active mode to effectively solve information security problems in various segments of the process control system

No intervention into the process
The implementation architecture is projected after a serious study of the organization's infrastructure in order to ensure the continuity of technological processes
Directions of attacks protected by «Аrкаn-М»
Unprotected remote support channel provided by own IT-employees or external executor
Internet attacks and ART attacks on enterprise management
The appearance of unregistered devices at all levels
Unauthorized use of industrial protocol commands at the SCADA, PLC and field device levels
The introduction of malware at the SCADA level (including through flash media)
Attacks on SCADA through enterprise management level
Vulnerabilities of PLC and smart devices for some industries
Using open ports that are not needed for full-time job
PLC control program change
Management and quick access to information
Centralized management
Setup of all components of the solution through a single web interface

Convenient access to necessary information

Uploading reports and removing incidents to SCADA

Customizable console
With the necessary widgets for the tasks of a particular user

Information exchange with any SIEM system
Export incidents via Syslog
Why «Аrкаn» ?
Russian solution certified by FSTEC of Russia
Solution that protects all levels of ACS TP
Actively blocks attacks without interfering with technological processes
It can work in the mode of monitoring and collecting information for subsequent investigation of incidents
Parses and controls not only popular, but also rare industrial protocols
The implementation is carried out taking into account the specifics of the enterprise in 3 stages:
security audit, design and implementation
«Аrкаn» development plans
Integrated Solution Release
and products «Аrкаn-М» and «Аrкаn-К»
Release of Arkan-S products (intrusion detection system) and Arkan-T (workstation protection)
Release of vulnerability analysis system for ACS TP
You can send a request, we will contact you at the soonest
We try to be friends with our clients, so we are happy to answer your questions.
Moscow, Innovation Center "Skolkovo"
Phone: +7 495 136 80 22
E-mail: info@asplabs.ru