Preventing the syslog collection circuit from being used by malware: A condition of zero trust.
Data diode "OWCD"
The compatibility of Zero Trust and data diodes is actually outstanding! The number of adoption cases is steadily increasing. Let's make visible progress!
Zero Trust is fundamentally about "not trusting," but there is the challenge of "how to connect to places that cannot be fully trusted." This is where the data diode "OWCD" comes into play! When connecting operational technology (OT) networks, such as those in factories and power plants, to external networks (IT), there is a growing need for "secure one-way communication to send data," leading to an increase in the adoption of OWCD. Today, we will discuss "secure transfer of Syslog" within this context. To realize Zero Trust, it is essential to continuously collect and analyze logs and monitoring data from each device. However, it is nearly impossible to constantly perform collection and analysis if we do not send the OT information, which we want to keep cleaner, to the often challenging IT side. This makes it perfect for the purpose of simply sending OT-side logs and monitoring data to the IT-side SIEM. In fact, the adoption is rapidly increasing from infrastructure engineering applications. For SIers, if you want to promote cybersecurity, let's effectively utilize boundary control to protect yourselves. There is a video explanation linked below! Feel free to reach out for inquiries.
Inquire About This Product
basic information
The Data Diode is based on the principle of connecting circuits that are physically separated without any cable connection, allowing output in only one direction. There are no settings required for one-way communication, so there is no way for data to enter from this point. In the case of connectionless communication like Syslog, you simply place this physical boundary restriction device between the collection device and the source. No settings are required for the OWCD. There are no configuration tasks typically associated with routers and firewalls, making operational management simple. There is also no concern about settings or passwords being hijacked. Additionally, it will never respond to any incoming requests, which is strictly prohibited in mirroring. While monitoring is essential in case something happens, the boundary control that limits incoming connections to information transmission only, when there is no need for constant connectivity, is beneficial. For companies providing infrastructure engineering, how they regulate themselves offers a significant advantage in ensuring the peace of mind of their clients. If there is no need to keep a connection open on the client side, physically disconnecting can build trust and allow focus on SIEM activities. For inquiries, please refer to the related link above.
Price information
This is part of a zero-trust approach. It is a step towards strategic investment, not just hardware. While there will be initial investment costs, they are clearer than the costs incurred from unclear cybersecurity issues, providing a different level of reassurance for executives. For companies that provide infrastructure engineering, this investment will greatly help improve customer trust. Shall we start by sending logs through one-way communication? The 'symbol of reassurance' and the visual and physical sense of security will resonate with management as well.
Price range
P5
Delivery Time
※For made-to-order production, please contact us through the related link above for pricing and other inquiries.
Applications/Examples of results
Mirroring communication signals from a switching hub for monitoring is simply about connecting the OWCD to the circuit. No special routing settings are required. It has been adopted by many companies. Furthermore, it can be used anywhere if you can restrict communication in one direction for each device, such as manufacturing equipment, medical devices, etc., between OT and IT, or IT and infrastructure services. The OWCD itself has a sales record of over 130 units. It has numerous achievements in remote monitoring of thermal power plants. While I can't discuss specifics, its use is increasing in critical infrastructure within government agencies, public institutions, and important departments of companies in sectors such as chemicals, pharmaceuticals, and ceramics (critical infrastructure, research facilities, etc.). There is also a growing trend of using it to completely separate incoming communications from unspecified sources outside government agencies and outgoing communications to specific destinations, preventing remote operations or unauthorized data exfiltration in case of emergencies. The utilization of our unique cybersecurity solutions by SIers is also rapidly increasing! We are open to consultations regarding shape modifications for customers considering product integration. Please feel free to inquire about the communication methods and protocols you wish to utilize. For inquiries, please visit the related links above.
catalog(5)
Download All Catalogs
Company information
Our company is a member of the Mitsubishi Heavy Industries Group, serving as a design technology partner for Mitsubishi Heavy Industries, where we engage in planning and mechanical design for prime movers (steam turbines/boilers, gas turbines, water turbines), pumps, and various plants, as well as instrumentation control system planning and electrical design. In order to meet the increasingly diverse and sophisticated needs of our customers, we will continue to challenge ourselves to improve our technological capabilities, streamline operations, and reduce costs based on the trust we have built with users. Through this, we are developing activities that contribute to society by providing the products and engineering capabilities we have cultivated so far to everyone. Alongside the sale of products related to IoT, manufacturing DX, and on-site monitoring/condition monitoring, we will focus on custom orders, customization, and system construction to realize your ideas. We encourage you to consider utilizing our services. https://eng.power.mhi.com
