Mercury Box

Protect ICS legacy devices

Features

  • Discovery and inventory of network assets
  • Plug & Protect
  • Segmentation and definition of secure zones
  • Firewall and definition of conduits
  • Integration with event correlation systems
  • Mitigation of unknown vulnerabilities in protocols and devices

Discovery and inventory of network assets

Once Mercury is deployed, all traffic goes through its secure layer. The traffic is then analyzed and categorized to draw a map of the network, which shows devices, IPs, communications, and protocols.

Plug & Protect

Deploying Mercury is as easy as plugging a Mercury Box directly into the interface or network switch. Once deployed, Mercury protects PLCs by encrypting all network traffic, offering:

  • Protection of legacy PLCs against cyber-risks, preventing exploitation of vulnerabilities
  • Transparent communication without interruption from Level 0 upwards
  • Prevention of attacks on PLC ports that are not in use
  • Definition of permissions to access ports in use
  • Latency below 2 ms (compatible with industrial protocols)

Segmentation and definition of secure zones

Once Mercury Boxes are configured, users can easily define Network Segments and Secure Zones from the Mercury Orchestrator Control Panel. Users can configure which devices will be part of a specific zone, which ones are authorized to communicate with others, and which protocols are authorized.

Firewall and definition of conduits

A firewall is essential, as it prevents attacks from spreading between zones and devices. With Mercury, it is very easy to manage the configuration of authorized ports and traffic.

Ports can be configured as "permanent ports" or "temporary ports". This functionality is very powerful, as having the ports exposed permanently can pose a risk to the integrity of the network and devices.


Integration with event correlation systems

Mercury prevents attacks on the network, whether they are connection attempts through unauthorized protocols, network scanning, or denial of service attacks. This is due to Mercury's native encryption and firewall feature. This prevention capability can be combined with the monitoring of suspicious behavior, through centralized management of logs.

The Mercury Orchestrator server centralizes the logs of each Mercury Box. These can be integrated with SIEM monitoring tools, to detect and manage alerts as well as suspicious behavior.

Mitigation of unknown vulnerabilities in protocols and devices

Once deployed, Mercury builds an encrypted layer, protecting the industrial network. All traffic is encrypted between Mercury Boxes. As a result, all devices and protocols are hidden. Thanks to this feature, Mercury is a perfect tool for risk mitigation.

Mercury obfuscates ICS networks. This means that an attacker cannot exploit existing vulnerabilities, as they cannot obtain network information. Mercury’s encryption technology has been specially designed for ICS requirements, adding less than 2 ms of delay in communications. This is ideal for industrial processes, as it does not impact operations.