Industrial cyber security – The non-negotiable reality of today’s world
Empowering utilities to stand against all odds is the core value of DNWP critical communications solutions. Critical infrastructure faces remarkably different encounters today than earlier such as:
-Can the capacity of new energy sources run the distribution without interruptions
-Will possible international disputes threat the network
-How to secure the network to keep it running internally and remotely
Updating cyber security on existing SDH technology is crucial for several reasons:
- Security vulnerabilities: Just like any other software, SDH can have vulnerabilities that cyber attackers can exploit. Patch updates often fix these vulnerabilities, making it harder for attackers to gain unauthorized access or control over the router.
- Protection against exploits: Hackers are constantly developing new techniques to exploit weaknesses in network devices. Regularly updating patches helps to mitigate the risk of falling victim to these exploits.
- Data protection: SDH handles sensitive data passing through the network. Ensuring that security patches are up to date helps protect this data from interception or unauthorized access.
- Network stability: Some patches not only address security issues but also improve the overall performance and stability of the network. Regular updates can contribute to a smoother and more reliable network operation.
- Compliance requirements: In certain industries, there are legal and regulatory requirements for maintaining strong cybersecurity measures. Keeping the software up to date with the latest security patches can help meet these compliance standards.
In essence, updating cyber security patches on SDH technology is essential for maintaining the security, integrity, and stability of a network.
Updating SDH is highly important – do not run your network on outdated software!
DNWP is pleased to announce new cyber security related functionalities to our key device Connection Master’s SDH technology platform.
One of the main new features is Remote Authentication Dial-In User Service (RADIUS). RADIUS is a networking protocol that authorizes and authenticates users who access a remote network. A protocol is a collection of rules that control how something communicates or operates.
RADIUS is used to make connections between computers and provides authentication, authorization, and accounting. RADIUS is an important tool for managing network access because it can prevent unauthorized users—and attackers—from infiltrating your network.
Connection Master SDH cyber security related new functionalities:
1 CM3.10 SDH (June/2024)
-Radius client support. Secure authentication for user log-in with RADIUS server. (Functional license needed)
-Multiservice Manager remote authentication using node generated certificate (based on OpenSSL and Mbed TLS). Enables secure log-in from Multiservice Manager with or without RADIUS.
-Support for several syslog servers
2 CM3.9 SHD1.0-10 (October/2023)
2.1 New software features compared to CM3.8 SDH1.0-06
-Security improvement with buildroot environment and open-source library updates. (list of libraries below, detailed list on request)
-Maximum number of user login names increased from 20 to 128. (good practice to have unique username for every individual)
-Multiservice Manager – compatible OS: Windows 11
3 CM3-6-1-0-05 (December/2021)
-SNMPv3 introduced. (secure communication channel between node and NMS)
-Supports privacy protocols DES and AES (AES 128).
4 CM3-5-1-0-17 (June/2021)
-Event log size increased from 500 events to 4500 events.
-Improved log-in security:
Login process: 6 failed login attempts from an IP address within a period of 40 seconds will lead to a 5-minute blocking of the IP address.
-SNMP: default SNMP community ‘netman’ can be deleted.
Updated Linux libraries:
uclibc
linux-headers
busybox
cramfs
zlib
dropbear
dtach
iptables
libevent
openssl
libpcap
lsof
lua
mtd
ncurses
netsnmp
ntp
popt
pppd
procps-ng
quagga
readline
screen
setserial
strace
tcpdump
uboot-tools
uemacs