StationGuard 2.30 – Improved Efficiency for Intrusion Detection

October 2, 2023

StationGuard is an Intrusion Detection System (IDS) that enables you to monitor Ethernet networks in the power grid and detect cyber threats, prohibited activities and malfunctions. With this combination of cybersecurity and functional monitoring, you can identify not only new threats and unknown attack scenarios, but also different kinds of malfunctions in the power utility.

 

With StationGuard 2.30, you will be able to make your workflows even more efficient. 
Download the new software version free-of-charge in our

 Customer Portal

 

The latest version brings a number of new features:

Custom roles & permissions for all sites

Stop waiting for alerts – take the initiative and define permissions proactively! Now, you can create custom roles and permissions tailored to your devices and network. This advanced feature gives you the freedom to optimize security according to your specific requirements, even if some traffic has not yet occurred during the learning phase.

It also eliminates the need to relearn all permissions and roles at each site. Simply import and export your own unique list of permissions and custom roles seamlessly across multiple sensors and sites using our well-defined JSON format.

 

Role matching & automatic device categorization

Get a smoother experience without the hassle of manual categorization and clueless role assignment. This efficient feature helps you quickly distinguish between different types of devices on your network, saving you valuable time.

In addition, StationGuard's intelligent traffic comparison makes role assignment effortless. The system automatically detects and suggests the most appropriate roles at the top of the list (e.g., ACME-Protec-400-Relay, Protection Testing Laptop B), making it easier for you to assign them with confidence. 

Enjoy enhanced visualization by creating graphical groups for devices such as PCs, IEDs, or network devices and use this easy-to-use feature to streamline your operations and improve your workflow.

 

Find devices in ZeroLine

Tired of wasting time searching, reading, and clicking through countless IEDs? Use the convenient search bar to easily locate and tag devices using various parameters, such as name, type, description, manufacturer, firmware version, hardware version, MAC address, and IP address. All devices matching your search criteria are highlighted in the ZeroLine diagram with a light blue background color. 

The search function can also used to group matching devices together to better distinguish between areas, zones, and security levels during monitoring and analysis for a clearer and more comprehensive view.

 

Device-specific certificates for encrypted communication

Enjoy peace of mind as communication to the device is now even more secure. As of version 2.30, our MBX1 and RBX1 platforms now generate individual certificates for all encrypted communication, further enhancing security. Previously, a common certificate was used for all devices, but this update ensures a unique certificate for each device.   

Please note: You will need to identify and confirm the device once before connecting to it, as the certificates cannot be validated automatically.

 

VBX1: Run StationGuard, StationScout, and IEDScout on existing hardware

After successfully completing an extensive beta phase, the VBX1 has been rigorously tested in a variety of environments to ensure robust stability and reliability.

Along with our proven hardware offerings, the platforms RBX1 and MBX1, our innovative software solutions are now optimized for the VBX1 platform. This ready-to-deploy virtual machine runs effortlessly on VMware systems and delivers uncompromised software performance directly on your current virtualization infrastructure.

To ensure the optimal setup for your network, we invite you to consult with our experts who can help you choose the most suitable solution.

 

Bug fixes and other improvements

  • Info events for allowed communication can now be turned off for each permission individually.

  •  

  • Fixed a bug where StationGuard would not show the NTP time as synchronized, even though the necessary accuracy was reached. 

  •  

  • The use of IEC 60870-5-104 ASDU types in the range 128-255 no longer triggers an encoding alert. This is now a separate alert and communication using ASDU types from this range can be allowed.
  •  

 

Download the new software version free-of-charge in our

 Customer Portal

 

Please click here to find detailed information about StationGuard.

You are using an outdated browser version.
Please upgrade your browser or use another browser to view this page correctly.
×