Tofino Central Management Platform

Centralized Security Management

  • Configure and test your Tofino Security Appliances
  • Monitor network performance
  • Enable coordinated, system-wide threat response

  Tofino Central Management Platform manages all your Tofinos from one console

Traditional security devices force you to configure them one at a time by connecting a PC through a serial port or web browser; this quickly becomes un-manageable as the number of devices increases. What’s worse, this device-centric view provides no way to see what is happening at the system level, so diagnosing and correcting security issues is time-consuming, error-prone, and expensive.

The Tofino Central Management Platform (CMP) software enables configuration, management and monitoring of all your Tofino Security Appliances from one workstation. The Tofino CMP has a built-in network editor that helps you to quickly create a model of your entire control network. Creating, editing and testing your Tofino configuration is simple using visual drag-and-drop editing tools.

After you commission your Tofino Security Appliances, the Tofino CMP monitors your entire network from one workstation, while relaying security alerts to other network management tools.  You can see the status of the entire system at a glance and respond to cyber threats in a coordinated, system-wide manner.

To learn more about the Tofino CMP, see Joel Langill's (SCADAhacker.com) video, "Protecting Your ICS from Zero-Day Attacks"

Summary

Saves You Money Through:

  • Reduced down time and production losses
  • Lower training and staffing costs
  • Improved system reliability and stability

Features

  • Configure, manage and monitor all Tofino Security Appliances from one workstation
  • Built-in network editor to quickly model your control network
  • Visual drag-and-drop editors for quick and easy configuration of security rules
  • Pre-defined templates for more than 90 industrial communication protocols and over 60 families of industrial controllers
  • Relay security alerts to other network management tools via SQL database and/or syslog (RFC 3164)
  • MUSIC-2007 Security Certification
  • Suitable for use with VLAN-trunked networks
  • Supports redundant networks that use link status technologies for high speed switch-over (TSA-100 and MTL 9211-ET security appliances only)

Applications

  • Process control
  • SCADA systems
  • Discrete control
  • Industrial Automation
  • Manufacturing Automation

Specifications

Model Your Network

Quickly and easily create a model of your entire control network with visual editing tools

Create Security Rules

  • Visually create rules that specify which device may communicate, and what protocols they may use
  • Tofino Discovery feature probes the control network to locate unconfigured Tofino Security Appliances
  • Passive Asset Discovery* feature discovers network devices and matches them against a database of over 25 vendor product families


*Requires Secure Asset Management LSM, sold separately

Test Your System

Security alerts are displayed in the Tofino CMP’s Event View, enabling fast rule editing and refinement

Number of Secured Devices

No limit. All Tofino Security Appliances in the network may be managed from a single Tofino CMP workstation

Remote Device Configuration

Yes - using SSH encrypted communications over network connection

Manual Device Configuration

Yes - encrypted configuration files may be saved on a USB storage device and loaded into a Tofino Security Appliance via the front-panel USB port

Security Alerts

Tofino Security Appliances report security alerts to the Tofino CMP via proprietary Tofino heartbeat communications

Pro-Active Alerting

Security alerts (heartbeats) may be relayed to syslog server (RFC 3164), enabling alerting of operations personnel via e-mail, pager or other means

Post-Incident Auditing

Heartbeats may be stored in an SQL database and/or text file for subsequent analysis

Certifications

  • Certified Modbus-compliant by Modbus-IDA
  • MUSIC-2007 security certification

System Requirements

  • PC with Windows Server 2003*
  • Dual core CPU; Minimum 1GB RAM; 250 GB hard drive
  • Colour monitor, minimum 1024 x 768 resolution

*All product testing is performed on Windows Server 2003. Windows XP SP2/SP3, Windows Vista, Windows 7 and Windows 2008 are known to work, but the product is not formally tested on these versions and there may be minor functionality issues.

Ordering Information

Part number FA-CMP-100 (Tofino Central Management Platform)

 Download Tofino Central Management Platform Data Sheet