At this year's SPS IPC Drives exhibition in Nuremberg / Germany from November 27 to 29, Innominate Security Technologies AG will present new versions of its mGuard security and device management software for the secure networking and remote maintenance of industrial systems. These products effectively reduce risks to industrial components and systems from malicious software, network failures and targeted internal or external attacks.
Daily presentations in the Innominate "ICS Live Hacking Lounge" will highlight the importance of the solutions presented. On Tuesday and Thursday from 12:30 p.m. and on Wednesday from 4:30 p.m., Marco Di Filippo, Penetration Testing Expert at Compass Security AG, will give guest lectures covering various scenarios to demonstrate how industrial control systems can be compromised within minutes.
One highlight of the new mGuard Firmware Version 7.6 and the mGuard Device Manager 1.5 is the encryption of configuration profiles and external configuration memories for respective target devices. This proves beneficial in several ways. Firstly, for the convenient roll-out of mGuard devices via memory card, configuration profiles are increasingly being transmitted and stored on unprotected media such as e-mail or SD cards. Despite the sensitive data contained here, including passwords and private keys, this is now possible without risk whatsoever due to the encrypted profiles. Secondly, the protected profiles can only be decrypted by the intended target device, reliably preventing any inadvertent mix-up or misuse of configurations on other devices. This functionality is possible for second-generation mGuard devices thanks to their integrated Trusted Platform Module (TPM) for hardware-based secure generation and management of cryptographic keys.
Other new features and improvements to the mGuard Device Manager include:
- Support for devices with the latest mGuard Firmware 7.5 and 7.6
- Support for newer hardware models such as the mGuard rs2000 including expanded two-click firewall
- Offline and online import of mGuard configuration profiles
- Automatic configuration of redundant device pairs and fully meshed VPN structures
- And the simple operation of the software as a service under Windows.
The new online import of configuration profiles now makes it very easy for users to retrospectively transfer the administration of security appliances, which were previously rolled-out manually, into the central device management system. In this process, matches with an applicable configuration template are automatically recognized and taken into account.
Daily presentations in the Innominate "ICS Live Hacking Lounge" will highlight the importance of the solutions presented. On Tuesday and Thursday from 12:30 p.m. and on Wednesday from 4:30 p.m., Marco Di Filippo, Penetration Testing Expert at Compass Security AG, will give guest lectures covering various scenarios to demonstrate how industrial control systems can be compromised within minutes.
One highlight of the new mGuard Firmware Version 7.6 and the mGuard Device Manager 1.5 is the encryption of configuration profiles and external configuration memories for respective target devices. This proves beneficial in several ways. Firstly, for the convenient roll-out of mGuard devices via memory card, configuration profiles are increasingly being transmitted and stored on unprotected media such as e-mail or SD cards. Despite the sensitive data contained here, including passwords and private keys, this is now possible without risk whatsoever due to the encrypted profiles. Secondly, the protected profiles can only be decrypted by the intended target device, reliably preventing any inadvertent mix-up or misuse of configurations on other devices. This functionality is possible for second-generation mGuard devices thanks to their integrated Trusted Platform Module (TPM) for hardware-based secure generation and management of cryptographic keys.
Other new features and improvements to the mGuard Device Manager include:
- Support for devices with the latest mGuard Firmware 7.5 and 7.6
- Support for newer hardware models such as the mGuard rs2000 including expanded two-click firewall
- Offline and online import of mGuard configuration profiles
- Automatic configuration of redundant device pairs and fully meshed VPN structures
- And the simple operation of the software as a service under Windows.
The new online import of configuration profiles now makes it very easy for users to retrospectively transfer the administration of security appliances, which were previously rolled-out manually, into the central device management system. In this process, matches with an applicable configuration template are automatically recognized and taken into account.
