Topsec Industrial Intrusion Detection and Audit System

Product Overview

Topsec Industrial Control System Intrusion Detection and Auditing Platform (TopIDA) is a security device integrating multiple security capabilities, including industrial intrusion detection, industrial behavior auditing, botnet detection, threat intelligence analysis, database auditing, industrial traffic auditing, and industrial asset discovery. It can effectively detect attack threats targeting industrial control systems (ICS), such as unauthorized external connections, abnormal access, malicious operations, Trojans, DDoS attacks, abnormal traffic, and malicious programs. Meanwhile, it can real-time record attack behaviors and capture attack packet information, providing a fundamental basis for subsequent attack traceability and ensuring the safe operation of industrial production networks.

Activity & Announcement

Hot Products Intelligent Computing Cloud Platform
New Products Ask Large Model
New Products LLM Security Gateway
Typical cases CNCC security construction project

Advantages

All-in-One Attack Threat Detection

Integrating multiple security detection technologies such as intrusion detection, behavior detection, and database auditing, the system conducts real-time detection of ICS operating status in accordance with specific security policies. It can effectively identify security threats such as network or database-level intrusion attacks, abnormal traffic, unauthorized operations, and SQL injection.

Multi-Dimensional Security Baseline Detection

Adopting deep self-learning technology, the system establishes traffic baselines, protocol baselines, and behavior baselines, which can be custom-tuned according to the business requirements of ICS. It effectively detects violations such as unauthorized external connections, malicious programs, and misoperations, helping customers real-time grasp the network operation status and identify potential security threats.

Comprehensive Business Behavior Auditing

Utilizing business behavior auditing technology, the system conducts in-depth analysis of write operations, write frequency, parameter ranges, variation ranges, and rate of change ranges of ICS communication content. It solves the accurate identification of destructive behaviors such as misoperations, unauthorized operations through legitimate channels, changes to control commands, and PLC downloading.

Fine-Grained Industrial Protocol Parsing

The system embeds a deep protocol parsing engine, which performs in-depth analysis of industrial protocol data packets from multiple levels including integrity, function codes, address ranges, value ranges, and variation trends, to timely detect abnormal communication behaviors. Supported industrial protocols include Modbus, OPC, S7, Profinet, IEC 104, DNP3, CIP, MMS, etc.

Database operation audit in whole process

Using the database protocol identification, feature detection and in-depth analysis technologies, configure a full range of alarm policies for all elements such as login users, SQL statements, operation types, and operation objects, record all operational behaviors on the database, detect potential threats in time, and quickly and accurately locate security events.

Intelligent industrial asset identification

The system uses active lossless detection and passive matching technology to effectively identify the IP address, protocol, port, manufacturer information, model, version, and other information of assets, and analyzes asset relationships, to automatically generate asset topology and establish a complete industrial asset ledger to help customers thoroughly grasp assets conditions.

2025

2024

2023

2021

Ranked third with an 11.6% market share.

Achieved a market share of 11.6%, ranking 3rd in the CCID "China Industrial Control Security Market Development White Paper 2025"

Ranked third with an 11.3% market share.

Achieved a market share of 11.3%, ranking 3rd in the CCID "China Industrial Control Security Market Development White Paper 2024"

Received the Outstanding Product Award

Received the Outstanding Product Award in the 2023 Cyberspace Administration Independent Innovation "Peak List" published by the Administrative Independent Innovation Research Report

Received the Outstanding Product Award

Received the Outstanding Product Award in the 2023 Cyberspace Administration Independent Innovation "Peak List" published by the Editorial Board of the Cyberspace Administration

December 2023

Recognized as a Market Leader in the CCID "China Industrial Control Security Market Development White Paper 2023"

Received the Excellent Award

Received the Excellent Award at the 2021 Cybersecurity Excellent Innovation Achievement Competition organized by the China Cybersecurity Industry Alliance

Applications

Intrusion Behavior Detection for Production Control Systems

Topsec Industrial Intrusion Detection and Auditing System is deployed in bypass mode between the production management layer and the enterprise management layer. It can effectively detect attack threats such as viruses, worms, Trojans, DDoS attacks, abnormal behaviors, abnormal traffic, and malicious programs, issue real-time alarms, help industrial enterprise customers timely discover security threats, and ensure the safe operation of production networks.

Problems Solved

Deployed in bypass mode, it mirrors the full traffic of the ICS network, conducts real-time monitoring of network security status, and has "zero" impact on industrial production business.
Real-time detects attack threats such as viruses, worms, Trojans, DDoS attacks, abnormal behaviors, abnormal traffic, and malicious programs from the enterprise office network traffic.
Detailedly records all malicious attack network traffic and issues real-time alarms, helping industrial enterprise customers timely discover security threats and ensure the safe operation of production networks.

Value to Customers

Meeting Industrial Security Compliance Requirements

It can conduct in-depth analysis and judgment of network intrusion behaviors at L2~L7 layers, accurately identify attack threats in the network, meet the security requirements of relevant industry policies for customers, and enhance the security protection capabilities of ICS.

Early Warning of Industrial Intrusion Attack Events

Through comprehensive and continuous monitoring of production control system network security, it establishes security detection rules consistent with industrial production sites, timely discovers intrusion attack behaviors, and notifies security managers, reducing economic losses caused by security incidents.

Enhancing Security Accident Traceability Capabilities

By detailedly recording security incidents such as network attacks and unauthorized operations and retaining data packets, it enables users to restore and trace the entire process of security accidents in the industrial network when problems are found.

Intuitive Display of Industrial Security Threats

Through visualization technology, it can clearly and intuitively perceive traffic changes and communication behaviors inside the industrial control network, helping users overall grasp industrial network security threats.

Specification

0 > 0 >

	TIDA-5112C-E
Throughput	2Gbps
IDS Throughput	1Gbps
Event Logging Capacity	10,000
Concurrent Sessions	20W
Fixed I/O Ports	8xGE,4xSFP
Form Factor	1U
RAM	32GB
Storage	4TB
Power Specification	150W, Dual AC
Power Supply	AC 100-240V,50/60 Hz
Working Temperature	0~40℃
Relative Humidity	10~95% ，Non-Condensing
Weight	8Kg
Dimensions (W × D × H, mm)	440×510×44

Success Case

A Certain Offshore Oil and Gas Field Industrial Control System Security Project

There are potential security vulnerabilities in the industrial control system (ICS) of a certain offshore oil and gas field. Based on the characteristics of production business, a security audit strategy is established. Various security threats are blocked through the combination of attack detection rules and business whitelist mode to ensure the safe operation of the production network.

Value to Customers：: Early Warning of Industrial Intrusion Attack Events Improve The Traceability Capability of Security Incidents Visualize Industrial Security Threats

View details

Relevant Recommendations

Product Recommendation

Special Recommendation

News Recommendation

A Certain Offshore Oil and Gas Field Industrial Control System Security Project

Topsec Industrial Control System Intrusion Detection and Auditing Platform

Product Overview

Product Service

Security Research

Special Topics in Security

About Us