The Urgent Demand for Operational Technology (OT) Cybersecurity
Today, with most industrial equipment and devices connected to the internet and the rapid development of the Internet of Things (IoT), it has become more convenient for operators to monitor entire industrial control systems (ICS). However, as industries optimize processes through cloud services and data-driven operations, these connections can also create new entry points for hackers and ransomware. Once traditional OT systems are compromised, the result may include system malfunctions, financial losses, operational disruption, and exposure of valuable data. The 2021 Colonial Pipeline ransomware attack is a well-known example of how cyber incidents can affect not only enterprises but also the public.
According to Cybersecurity Ventures, global cybercrime costs were projected to grow by 15 percent per year and reach USD 10.5 trillion annually by 2025. In addition, cyberattacks on corporate networks increased by 50% in 2021. Against this backdrop, small and medium-sized enterprises have become attractive targets due to limited resources and cybersecurity expertise. Therefore, Axiomtek aims to support the market by providing reliable cybersecurity gateways purpose-built for OT cybersecurity.
Laying the Foundation for Cybersecurity with the Right Gateway
In OT networks, threats can come from both internet connections and insider risks, such as USB drives being plugged into industrial systems. Once malware enters the network, devices and systems may face the risk of ransomware, manipulation, or operational disruption.
To secure the entire network, OT networks must be separated from the information technology (IT) environment. Within OT networks, cybersecurity gateways are also needed between different sections, such as field devices, programmable logic controllers (PLCs), distributed control systems (DCS), and supervisory control and data acquisition (SCADA) systems. This network segmentation helps establish a higher level of security across industrial environments.
By implementing network segmentation and segregation, cybersecurity gateways can set up firewalls across multiple networks to identify breaches, filter data traffic, and inspect abnormal packets to block potential threats. High-performance gateways should also be able to work with security software to perform unified threat management (UTM). Once networks are partitioned into smaller isolated segments, even if threats intrude, the impact can be minimized and prevented from spreading to other networks.
All in all, capable gateways allow approved communications through access authentication and authorization between different networks. With complete access governance, web isolation, and threat detection, enterprises can strengthen internal network security, protect critical assets, and reduce the risk of widespread infection.
Axiomtek Presents iNA100, a Gateway Purpose-Built for OT Cybersecurity
Axiomtek’s iNA gateway products are favored by cybersecurity software developers and solution providers. Compared with ordinary network appliances, industrial-grade iNA gateways are more suitable and durable for various harsh industrial environments. With DIN-rail mounting, fanless operation, wide temperature support, and diverse I/O interfaces, they help satisfy industrial IoT cybersecurity requirements.
To provide more capable products for this niche market, Axiomtek released the iNA100, which is powered by the Intel Atom® x5-E3930/E3940 processor, code-named Apollo Lake, for low power consumption and reliable processing performance. The iNA100 allows customers to utilize it as a medium to construct next-generation firewall (NGFW) solutions for various functions, such as intrusion detection and prevention (IDP), network access control (NAC), and deep packet inspection (DPI). DPI can detect abnormal cyber behavior and analyze packets within OPC UA to provide comprehensive security.
The iNA100 provides outstanding connectivity for comprehensive security across networks. It offers four GbE LAN ports for multiple network functions, and one pair of LAN bypass ports is built in to prevent a single point of failure and traffic overload. With optional modules, the iNA100 can further support Wi-Fi, 3G, and 4G/LTE connectivity. It also supports Trusted Platform Module 2.0 (TPM 2.0) to securely store critical data. In addition, it supports both Linux and Windows operating systems. More I/O features include two COM ports, two USB 3.0 ports, and one HDMI port.
Its compact form factor and DIN-rail design make it easy to embed into existing OT network infrastructure, while single-sided I/O interfaces allow easy access and maintenance. The operating temperature range is -20°C to +60°C, and it offers a 12 VDC terminal block power input, making it suitable for various applications, including refineries, iron and steel plants, and other industrial environments.