Péter Hunyadi
06/05/2024

Thoughtful OT Cybersecurity Solutions from TXOne


The vendor

TXOne Networks was established in November 2018 as the shared subsidiary of IT security solution provider Trend Micro and renowned OT automation company Moxa, thus creating a notable player in the OT cybersecurity market.

The vendor has since become widely known due to its ability to fulfill both production management and security requirements. It is known that compared to office and data center environments, establishing security in an OT setting will always meet more limitations, and that the very infrastructure that needs to be protected cannot be changed flexibly. In addition to easily configurable security functions, TXOne’s solutions also take into consideration the area’s infrastructural and cultural characteristics, as well as the human safety and production continuity aspects. TXOne’s portfolio features solutions for endpoint protection, network security, as well as the central management of defense solutions, covering the levels of the Purdue model from ‘Level 1’ devices to resources residing in the DMZ.

Defending undefendable endpoints

A typical weakness of production management is its dependence on decade-old, out-of-support operating systems and software which have not received security updates from the vendor for a long time. The lack of patches thus creates a basic risk that is really hard to manage.

If the vendor does not release patches, users can only resort to third-party endpoint protection; however, it’s hard to find one that’s knowledgeable of OT software and processes.

What if we don’t approach endpoint protection using the classic methods, assuming that something must be installed on the device that needs to be protected?

One of TXOne’s unique endpoint protection solutions is virtual patching, in which the EdgeIPS device is placed in front of the endpoint that needs to be protected to fill the gaps left by its known vulnerabilities. Another completely new endpoint protection solution, operated from a USB data storage device, is Portable Inspector, which can be connected even to devices in the most isolated segments, making it possible to run inspections, then collect the results on a central management platform called ElementOne.

If the endpoint installation does not cause any issues, the vendor’s Stellar series is particularly suitable for monitoring operating systems and software used in OT control systems. We’ll introduce the Edge, Element, and Stellar series in more detail in our subsequent articles.

Manageable network segments

In OT network security, knowing OT devices and protocols is a basic requirement. The above-mentioned Edge series was primarily designed to protect OT network segments against network intrusion, therefore it has the ‘know-how’ necessary to meet the requirements. It’s capable of virtually patching protected devices, analyzing OT protocols, and – like all other TXOne products – detecting threats early on through the TXOne Zero Day Initiative (ZDI) detection program, which, uniquely in the market, provides users with an up-to-date threat database.

EdgeFire, TXOne’s industrial firewall, is equipped with similar features, but as we’ve mentioned before, we’ll discuss the Edge series in a subsequent article.

Everything on one platform

At the beginning of our article, we mentioned central management. The StellarOne, EdgeOne, and ElementOne platforms all enable central monitoring of the above-listed defense tools, as well as the resources they protect, and they can also be used to manage threat database and firmware version updates through an intuitive and user-friendly interface. When placed on top of all these, the SageOne platform enables centralizing the three series-specific monitoring software onto one interface, which provides an extremely comprehensive and holistic view.

In conclusion, TXOne, complemented with central management software, promises not a vendor-independent but an innovatively integrated defense environment, which is not something that many OT system administrators have.

Stay in the loop for our introduction series on TXOne’s security solutions!
