1. Industry Background
The steel industry is a fundamental industry in China and a pillar of the national economy. However, there are still many security risks in the industrial control networks of steel enterprises that need to be addressed, despite their seemingly stable operation. In the automation process of the smelting industry, continuous casting mold level controllers, blast furnace control systems, intelligent steelmaking control systems, thin strip intelligent control systems, high-precision plate thickness controllers, SCADA systems, and DCS distributed control systems are increasingly applied in the production control processes of the smelting industry; at the same time, MES, CIMS, and ERP are also widely used in enterprise management processes, leading to a revolutionary transformation in production management.
2. Risk Analysis
(1) Security risks brought by the interconnection of MES and industrial control networks in steel enterprises In the actual application environment of steel, there is data interaction between the MES system and the office network, and there is a lack of effective security auditing, intrusion monitoring, and other technologies and mechanisms at the boundaries of various control systems and areas, making it impossible to detect and respond to illegal access and malicious attacks from both internal and external sources in real-time. Once a hacker controls a network node within the system, it could lead to a paralysis of production operations.
(2) Defects in communication protocols The design of the blast furnace control network (DCS), industrial control system configuration software, PLC embedded systems, etc., primarily considers usability and real-time performance, with insufficient attention to security.
(3) Operating system vulnerabilities Most engineering stations, operator stations, and servers of production blast furnace DCS and PLC control systems are not patched or have vulnerabilities that are not fixed, making them susceptible to attacks and intrusions.
3. Solution Overview
1. Data Collection + Physical Unidirectional Upload
Deploy Anmeng Huayu industrial data collection unidirectional optical gate at the boundary between the production network and the office network to achieve high-security isolation at different levels, resisting known and unknown threats. The industrial data collection unidirectional optical gate can actively collect data from the OPC Server and physically upload it to the MES system, ensuring zero feedback of data, with no data returned to the industrial control network. Additionally, the product supports various common industrial protocols such as Modbus and DNP3.
2. Industrial Control Network Boundary Protection
Deploy Anmeng Huayu industrial firewall at the boundary from the data collection workstation to the industrial control network, controlling access behavior based on industrial protocol recognition; by identifying access content and comparing it with established register-based security policies, it confirms whether to allow or block messages, and issues alarms when abnormal messages (exceeding set thresholds) occur.
3. Network Security Auditing
Deploy Anmeng Huayu industrial security auditing system and intrusion detection system at the security management center to quickly identify illegal operations, abnormal events, external attacks, etc., in the office network and industrial control systems, and provide real-time alarms.
4. Host Security Protection
Deploy Anmeng Huayu industrial host guardian at engineer stations and operator stations to prevent user violations and misoperations, block unknown programs, and authorize access to removable storage media, effectively enhancing the deep “immunity” capability of industrial control hosts.
5. Secure Operations and Maintenance
Deploy Anmeng Huayu bastion host to manage and audit system login authorization for operation and maintenance administrators and third-party service personnel, restrict operational commands, and conduct full-process screen recording audits.
6. Security Management
At the security management center, deploy Anmeng Huayu security management platform to collect real-time information from devices, monitor communication traffic and security events of terminal devices in real-time. Conduct uninterrupted security event correlation analysis, integrated security control, and multi-perspective, multi-level management and situational awareness.
4. Value of the Solution
1. Seamless Compatibility: Anmeng Huayu industrial data collection unidirectional optical gate product data collection module supports multiple industrial protocols, enabling seamless integration with the industrial control systems of steel enterprises, achieving data collection and physical unidirectional upload, tailored for security.
2. Protocol Unification: Anmeng Huayu industrial data collection unidirectional optical gate can act as a data collection proxy for various industrial protocol types, forwarding them to the collection server using a unified industrial protocol. When using OPC DA for protocol forwarding, it ensures protocol isolation between the external unit of the optical gate and the data collection server, while also eliminating the cumbersome traditional OPC configuration DCOM operations, reducing workload.
3. Visual Control: Achieve management and auditing of operations in the production network business system, allowing for full-process management of operational personnel with “pre-knowledge, in-control, and post-check”.
4. Abnormal Operation Auditing and Attack Early Warning: Quickly identify related illegal operations, abnormal events, external attacks, etc., in the data collection layer, and provide real-time alarms.
5. Comprehensive Auditing: Can complete real-time information collection from data collection layer devices, monitor communication traffic and security events of terminal devices in real-time. Conduct uninterrupted security event correlation analysis, with a powerful integrated security control function interface, multi-perspective, multi-level management, and security visualization.
About Anmeng Information
Beijing Anmeng Information Technology Co., Ltd. (referred to as: Anmeng Information) was established in March 2005 in Beijing. After sixteen years of steady development, it has established more than 20 branches and offices nationwide, with three major R&D bases in Beijing, Changsha, and Wuxi, and a service network covering the provinces and cities where major customers are located.
Anmeng Information holds the industry-leading position in many areas, including market share in network barriers and optical barriers, product categories derived from boundary security, boundary isolation industry solution capabilities, continuous investment in R&D, performance of network barrier products, and innovation in password supervision platforms. Its industrial firewalls and industrial auditing products are the only security company in China to pass testing by Honeywell’s global security laboratory in Singapore. The industrial network barrier and industrial firewall are the first in China to pass testing by the National Engineering Laboratory.
Anmeng Information has a top-notch network security R&D team in China, focusing on the differentiated needs of users in different industries, professionally providing industry application scenario solutions and personalized products. Its products are widely used in high-security-demand industries such as government, energy, military, aerospace, transportation, metallurgy, chemical, finance, and healthcare, serving over ten thousand end customers.
Anmeng Information insists on independent R&D and technological innovation as its core competitiveness. It possesses three major information security service qualifications: first-class security engineering and information security emergency response, has been recognized as a national high-tech enterprise and a Zhongguancun high-tech enterprise, and has been a member unit of Beijing’s information technology application innovation working committee, industrial information security emergency service support unit, and industrial control system industry alliance. In 2019-2020, it won the “Excellent Solution for Intelligent Construction in Political and Legal Affairs” award for two consecutive years and was recognized as a national high-tech enterprise and a Zhongguancun high-tech enterprise.
Facing the historical development opportunities of the new generation of information technology in IoT, networking, data connectivity, and intelligence, Anmeng Information will strive to become the first brand of “new generation boundary security solutions” and a leading provider of commercial password application solutions and industrial internet security operation services in China, serving the national digital China and network power development strategy, making everything interconnected simpler and safer!
About Fengrui Technology
Commercial Platinum Agency Certificate
Fengrui Technology Partners
Guangzhou Fengrui Information Technology Co., Ltd. (hereinafter referred to as: Fengrui Technology) was established in 2010 and is an IT overall solution service provider based on cloud computing and big data, mainly composed of software product division, data security division, and system integration division.
Software Product Division: Empowering IT management with big data, early cooperation with domestic APM industry giants, providing integrated solutions for enterprise users in three major areas: application performance management (APM), business operations (BPI), and intelligent operations (AIOPs). It also provides product development for cloud platform applications, covering areas such as production manufacturing, warehouse management, inventory management, project management, customer relationship management, human resource management, group consolidated reporting, and financial shared services. After years of unremitting efforts, the company now holds nearly 20 invention patents and over 30 software copyrights, achieving multiple technological breakthroughs and possessing strong technological advancement.
Data Security Division: Collaborating with domestic and foreign security giants, mainly providing application security, data security, industrial control security, and security services as network information security service solutions.
System Solutions Division: Provides overall solutions for comprehensive wiring, data centers, IT operation management, virtualization, and cloud platform construction.
Fengrui Technology has provided services to thousands of customers, covering various industries including government, finance, operators, internet, aviation tourism, energy power, industrial manufacturing, education, etc., and has won widespread trust and recognition from customers with high-quality products and professional services.
Contact Us: Guangzhou Fengrui Information Technology Co., Ltd.
Contact Address: No. 327 Xingye Avenue, Panyu District, Guangzhou
Contact Phone: 020-38200559/38254559
Fax: 020-38254559-8016
