Learn about the advantage of deep packet inspection
Even when industrial networks use TCP/IP and Ethernet as their network backbone, they often still run industrial application layer protocols on top of the network. Modbus TCP is the most popular of these and is widely used in industrial communications. However, this protocol can introduce vulnerability to cyber attacks because it offers no built-in security features.
Legacy industrial protocols are more vulnerable to cyber attacks.
A malicious packet can appear to be entirely legitimate when inspected as a TCP/IP packet—such as by checking its source IP address. If the system were able to filter packets by Modbus source device ID, function codes, or other Modbus command types it could reveal the packet to be malicious. Since industrial devices rarely have much in the way of application layer security, it’s up to the cyber security devices, such as hardware firewalls to provide this critical missing protection. Unfortunately, conventional firewall solutions rarely include the technology to scan industrial protocols such as Modbus TCP.
The Advantage of Deep Packet Inspection
|Need more? Read a discussion of firewall features that address industrial security requirements, download our white paper|
|Moxa links (new window)||