Introducing Net-Optix™

The Ultimate Solution to Protect Infrastructure Networks

There’s no denying the growing presence of cyberattacks, and of particular concern is the lack of protection for industrial networks and infrastructure systems at large.

Backed by years of expertise, we at Veracity Industrial Networks understand the significance of this vulnerability. So, we’ve worked diligently to design Net-Optix™, the revolutionary product simplifying and streamlining the process of maintaining and updating security systems for infrastructure networks.

Introducing Veracity’s SDN-based Industrial Network Controller

Security Level Model

Veracity’s Network Controller provides the first fully functional visual-based security level model builder. The security level allows a user to quickly build the Purdue Manufacturing Model, ISA-95, ISA-99, or even create a model from scratch. The user can quickly define the functional levels in their model and drag and drop device types from the industry library to their respective functional levels. Finally, the user can easily define rules for each level (e.g., communication between levels).

Authorize Network Devices

Device management is made simple with Veracity’s INDUSTRIAL SDN™, as 100% of devices connected to the network are identified. During the learning/identification mode, the system also characterizes the network devices to classify their functional role and device type (e.g., PLC, RTU, SCADA Server, etc.). Device management provides information to the user to define whether a device should be authorized or not. The user can also decide to quarantine a device (e.g., an unauthorized laptop).

Security Zone Management

Veracity provides an innovative approach to network segmentation via the creation of security zones. This workflow-based approach allows the user to easily create security zones or logical groups and assign devices to those groups. This can be accomplished in multiple ways from Veracity’s single pane of glass – by asset/network drag and drop or command line interface.

Authorized Communication

Veracity’s approach to traffic engineering allows complexity at scale while allowing fine-grained control. The user can manage traffic at a high level – e.g. what zone to zone communications are permitted – or via very granular rules such as “a specific PLC is allowed to communicate with a specific HMI over DNP-3.”

Visual Validation

While engineers are very comfortable working with spreadsheet-like interfaces for managing complex data, what is lacking is a visual representation.

Visual validation is an important step to identify the rules that are being configured in a simplified and consumable manner. This enables the user to maximize their efficiency and accuracy.

System Policy Management

In addition to simplified traffic engineering via zones and device types, Veracity provides dynamic, API-based control by allowing configuration change sets to be grouped as policies. These policies can be enabled or disabled at any time, vastly simplifying operational workflows. The system will support both a default policy of denying access and an operational policy of allowing that access, and switching between them can be done via a remote process driven by a change management workflow or via a few clicks in the user interface.

Frequently Asked Questions

SDN, or Software Defined Networking, is an open standard that allows the programmatic management of network traffic. It is very commonly used in cloud applications and distributed networking by the major players in those industries.

Deny by Default means that no network communication traffic is allowed through switches unless explicitly defined as acceptable by the system.

A Zero Trust Network Architecture requires that no device on the network can be trusted by default. Typical networks will allow network communication if you are within the same subnet. Net-Optix will not allow any network communication traffic that is not explicitly authorized by the system, no matter where you plug in the device.

Net-Optix requires a Linux computer that runs as the network controller and network switches that support SDN. We recommend Dynics and SEL switches, but many others support SDN.

We recommend having one of our authorized integration partners install Net-Optix for you. Please see our partners page to find the best one for you.

How do you think about your plant floor operations? Most people do not think of them in terms of network segregation. Most people think of wanting this PLC to communicate with that HMI. This is how Net-Optix presents your network to you. This allows the people who maintain the operations to also manage the network.

Yes, you can. With learn mode, the system can watch existing network traffic to create the rules required within the system, getting you up and running very quickly. Net-Optix does require SDN switches, and if your current system does not support SDN, we will work with you on the best and most cost-effective implementation.

Like most security solutions, Net-Optix is a software-as-a-service subscription solution. Pricing is based on the size of your network and which options are required for your unique installation. Please contact us for more information.

Interested in learning more about how to protect and reduce risk for your network using Net-Optix™?