您交通运输基础设施的安全性始于网络。

为了保护您的网络免受黑客攻击、数据泄露、信息窃取及其他恶意攻击,您需要采用分层安全方法:

User Profiles 

  • Consistent network access control through universal network profile (UNP) at both wired and wireless interfaces
  • Private VLAN protects user privacy
  • Enforced role-based access and quarantine process for unauthorized or non compliant users
确保物联网流量和相关设备的安全是一项挑战,无法通过任何单一的软件或某次创意思维的迸发来解决,而是需要一套战略方法。

Heitor Faroni, ALE 网络解决方案总监

Device Fingerprinting  

  • Device fingerprinting understands which devices are connected
  • Automated device onboarding with 802.1x authentication
  • Device health check ensures compliance before allowing access
  • Isolates infected devices and limits access to remediation servers

 Application Visibility

  • Deep Packet Inspection (DPI) technology, identifies applications traversing the network in real time
  • Application enforcement blocks the use of insecure and undesirable applications
  • Firewall (Palo Alto Integration) enables more granular firewall rules based on user and device information
  • IDS and Quarantine Manager

Smart Analytics

  • Devices and application visibility helps protect your transportation system
  • Top-use reports and predictive analysis provide traffic anomaly alerts, identification of potential attacks

OS Hardening

  • Multiple embedded operating system techniques mitigate or prevent attacks, including flood control gates, port scanning
    detection, task CPU usage monitor and control, etc.
  • Always-on DOS filtering prevents cyber attacks
  • Extra-hardened operating system with innovative CodeGuardian technology

IoT Containment

  • VLAN, SPB, VXLAN allows segmentation of virtual networks
  • Network access control, application visibility and enforcement, along with profile-driven policies, enable remote management, monitoring and safeguarding of all loT devices
  • IoT containment combines virtualization, security and QoS to provide optimal operation for loT systems while minimizing security risks
文档