
Mercury Orchestrator
Protect your OT network and communications with advanced industrial cybersecurity
Published by
Enigmedia

Features
Secure remote access and connections
Mercury is a secure, robust and easy-to-deploy solution that enables remote connection via WiFi/GSM/2G/3G/LTE. It is compatible with interfaces, devices, and protocols and is directly applicable to any infrastructure without replacing devices or changing configurations.
Mercury is configured, managed, and monitored from Mercury Orchestrator. Thanks to its centralized console, authorized users can remotely configure temporary ports and FW settings, send copies of the traffic to the SIEM/SOC, or check operational status. Updates can be done remotely and in a completely secure manner.
Mercury Ciphers provide a TPM and firewall features, and enforce authentication and encryption in the channel. They also have several features for preventing DoS attacks and send alerts to the SIEM if they detect any suspicious behavior in the network. Different roles are supported in order to avoid privilege escalation.
Thanks to the temporary firewall rules and different roles, plant operators can grant access to maintenance providers in a secure, compliant and auditable way. Note that tunneled devices cannot access the configuration interface.
Asset discovery and inventory
Mercury Orchestrator includes Asset Discovery and Inventory software that:
- Identifies network elements
- Provides a network diagram
- Discovers IP and communications between devices
- Categorizes network assets
- Helps to identify vulnerabilities
Mercury software is extremely intuitive and easy to use. No ramp-up or costly training is required to obtain benefits.
Mercury is fully compatible with third-party IDS/IPS and other inventory software.
They can be used with full functionality at a fraction of the cost, while enhancing network security thanks to Mercury’s security features.
Perimeter protection and segregation
Users can easily define network segments and secure zones from the Mercury Orchestrator control panel.
Users can configure which devices belong to a specific zone, which ones are authorized to communicate with others, and which protocols are authorized.
Firewall and definition of conduits
A firewall is essential, as it prevents attacks from spreading between zones and devices. With Mercury Orchestrator, it is very easy to manage the configuration of authorized ports and traffic.
Ports can be configured as "permanent ports" or "temporary ports". This functionality is very powerful, as having the ports exposed permanently can pose a risk to the integrity of the network and devices.
Threat detection and security monitoring
Mercury prevents attacks on the network, whether they are connection attempts through unauthorized protocols, network scanning, or denial of service attacks. This prevention capability can be combined with the monitoring of suspicious behavior through centralized management of logs.
The Mercury Orchestrator server centralizes the logs of each Mercury Cipher, which can be integrated with SIEM monitoring tools to detect and manage alerts as well as suspicious behavior.
The solution is compatible with 3rd party products such as IDS/IPS and SIEMs. Additionally, one can still deploy DPI in the network without loss of visibility.
The Mercury approach prevents incidents, reduces complexity and standardizes events to simplify correlation processes and avoid false-positive alarms.
Preventing vulnerabilities by armoring the network
Mercury encrypts all the traffic that goes through its appliances and distributes the information to validated end-points.
Mercury is designed for ICS/OT environments and encrypts industrial protocols, adding less than 1 ms of latency. Mercury provides extensive vulnerability masking, limiting the available attack surface. The end-point devices simply ignore all other unknown or unapproved access attempts.
Most advanced attacks in OT require gathering information from the targeted infrastructure as a first step. Because the network is cloaked, a malicious adversary is not able to perform such actions, as she cannot attack what she cannot see.
The Mercury architecture encrypts and obfuscates the network while keeping visibility for allowed users, and it is compatible with DPI/IDS/IPS solutions.