Topsec Industrial Intrusion Detection and Audit System

Industrial intrusion behavior analysis | Industrial protocol audit | Industrial asset management

Topsec Industrial Intrusion Detection and Audit System Overview

Topsec Industrial Intrusion Detection and Audit System (TopIDA) is a security device that integrates security capabilities such as industrial intrusion detection, industrial behavior auditing, zombie host detection, threat intelligence analysis, database auditing, industrial traffic auditing, and industrial asset discovery. It can effectively detect attack threats that are based on industrial control systems such as illegal external connection, abnormal access, malicious operations, Trojans, DDoS, abnormal traffic, and malicious programs. It can also record attack behaviors in real time, capture attack packet information, and provide the basis for subsequent attack traceability, ensuring the safe operation of industrial production networks.

Advantages
All-in-one attack threat detection

The system integrates multiple security detection technologies such as intrusion detection, behavior detection and database auditing, and monitors industrial control system operating conditions according to specific security policies. It can effectively detect security threats such as network or database-level intrusion attacks, abnormal traffic, illegal operations, and SQL injection.

Comprehensive business behavior audit

The system uses business behavior auditing technology to perform in-depth analysis of the write operations, write frequency, parameter range, variation range and change rate range of the communication content of the industrial control system. It accurately identifies destructive behaviors such as misoperation, illegal operations carried out over legal channels, and changes to control instructions.

Multi-dimensional security baseline detection

The system uses deep self-learning technology to establish traffic baselines, protocol baselines and behavior baselines, and optimizes the baselines according to the business needs of the industrial control system. It effectively detects violations such as illegal external connections, malicious programs and misoperations, helping customers grasp the running status of the network in real time and detect potential security threats.

Fine-grained industrial protocol analysis

The system is embedded with a protocol in-depth analysis engine, which performs multi-level analysis on the industrial control protocol data packets, including the integrity, function code, address range, value range, and change trend, so as to detect abnormal communication behavior in time. Supported industrial control protocols include Modbus, OPC, S7, Profinet, IEC104, DNP3, CIP, and MMS.

Whole-process database operation audit

Using database protocol identification, feature detection and in-depth analysis technologies, the system supports a full range of alarm policies covering all elements such as login users, SQL statements, operation types, and operation objects. It records all operational behaviors on the database, detects potential threats in time, and quickly and accurately locates security events.

Intelligent industrial asset identification

The system uses active lossless detection and passive matching technology to effectively identify the IP address, protocol, port, manufacturer information, model, version, and other information of assets. It analyzes asset relationships to automatically generate an asset topology and establish a complete industrial asset ledger, helping customers thoroughly grasp the condition of their assets.

Application
Intrusion Detection for Production Control System

Deployed between the production management and enterprise management in a bypass mode, TopIDA can effectively detect attack threats based on viruses, worms, Trojans, DDoS, abnormal behaviors, abnormal traffic, and malicious programs, and raise real-time alarms to help industrial enterprise customers detect security threats in time and ensure the safe operation of production networks.

Issues Resolved
  • Detect attack threats based on viruses, worms, Trojans, DDoS, abnormal behaviors, abnormal traffic, malicious programs and other threats in the corporate office network traffic.
  • Record all network traffic of malicious attacks in detail and raise real-time alarms to help industrial enterprise customers detect security threats in time and ensure the safe operation of production networks.
  • Deployed in a bypass mode, it mirrors all traffic of the industrial control system network, monitors the cyber security status in real time, and has "zero" impact on the industrial and production businesses.
Value to Customers
Meet industrial security compliance requirements.

Deeply analyze and judge the network intrusion behaviors of L2-L7, accurately detect the attack threats in the network, meet the security requirements of customer classified protection, hierarchical protection and related industry policies, and improve the security protection capability of industrial control systems.

Pre-warning of industrial intrusion attacks

By fully and continuously monitoring the cyber security of the production control system, the system establishes security inspection rules suitable for industrial production sites, and detects and reports intrusion attacks in a timely manner to reduce economic losses caused by security incidents.

Improve the ability to trace the source of safety incidents

Detailed records and message retention of security events such as network attacks and illegal operations can help users restore and trace the entire process of security incidents in industrial networks.

Visualize industrial security threats

By using the visual display technology, users can clearly and intuitively perceive the internal traffic changes and communication behaviors of the industrial control network, helping users control the security threats of the industrial network as a whole.