Industrial Control Systems ICS & SCADA Security

Protecting ICS (Industrial Controls Systems) poses unique challenges. Service uptime, data interity, compliance and public safety require organizations takes steps to safeguard these most critical assets.

Check Point Secures ICS/SCADA Networks

ICS Threat Landscape

Digitalization of operational and industrial systems increases the attack surface and the risk of cyber-attacks on critical and ICS infrastructures. Connectivity between the IT and OT networks, remote operator access or even unprotected access within the OT network exposes these systems to a variety of threats.

Attack Sources

  • State Actors
  • Bot Operators
  • Insiders

Attack Vectors

  • Spear Phishing
  • Crypto Miners
  • IT to OT Lateral Movement
  • Tailored APT Attacks

Why Check Point for Securing ICS

Protect IT

Eliminate the threat to OT with Advanced IT Threat Prevention


Enforce access rights and segregate IT from OT

Protect OT

Deploy specialized ICS/SCADA security technologies

Secure ICS/SCADA Environment

Prevent Threats At the Source
Prevent Threats At the Source

Use Threat Prevention in the IT and the perimeter to eliminate attacks with no impact to control systems

SandBlast Mobile Example
Segment—Apply Least Access Privilege

Establish boundary protection and micro segmentation between networks and equipment on the shop floor.

SandBlast Mobile Example
Visibility Into SCADA Protocols and Commands

Real time SCADA protocol monitoring and logging, see

SandBlast Mobile Example
Visibility of ICS Assets and Networks

  • Discover assets information
  • Establish traffic baseline and network schemes
  • Learn traffic patterns and behavior
SandBlast Mobile Example
Enforcement—Secure with Zero Impact

  • Set policies - allow only what is needed
  • Alert on anomalies
  • Analyze attack vectors
  • Scan for assets vulnerabilities
  • Deploy virtual patching technology

Explore the Technology Used in our ICS Solution

Security Gateways

Use any Check Point Next-Gen Threat Prevention gateway with NGFW, NGTP, or NGTP + SandBlast Zero-day Protection.


AAD (Asset and Anomaly Detection)

Virtual Machine software provides the Asset Discovery and management and the Anomaly Detection.


Application Control

Included in any NGFW, NGTP or NGTP + SandBlast Zero-day Protection bundle, provides SCADA protocol and command visibility and passive or active policy enforcement.


Intrusion Prevention (IPS)

Included in any NGFW, NGTP or NGTP + SandBlast Zero-day Protection bundle, provides virtual patching for known vulnerabilities of Windows-based hosts, servers and SCADA equipment.


Unified Central Management

Our security management provides unified security policy and threat management of IT and OT networks.



Secure Harsh Environments with 1200R

Ruggedized security gateway, compliant to rigid environmental standards needed for harsh environments.


“The Check Point 1200R delivered ruggedization, comprehensive security, centralized visibility, and compliance best practices in one product. Its footprint is so small that it easily fit in every environment we needed to place it.”
– Melissa Kjendle, Cybersecurity and Senior Infrastructure Analyst

Talk to a specialist

Get pricing

0/5 (0 Reviews)
Diese Website verwendet Cookies, um höchste Benutzerfreundlichkeit zu gewährleisten. Verstanden, danke! MEHR INFOS