This is a two-part article covering the benefits and new functions of TXOne’s flagship total defense solution for endpoints, Stellar
The challenges of OT endpoint protection
ICS endpoints are often required to maintain consistent quality and uninterrupted performance in complicated or harsh operational environments. Antivirus software for traditional IT systems is not suitable for OT (Operational Technology) environments because it can disrupt productivity cause device crashes or delays in production when it occupies computing resources and leaves few for operational goals. CISOs must strike a balance between cybersecurity and economics – for example, by increasing asset life span instead of retiring old assets.
Furthermore, legacy operating systems such as Windows XP and Windows 7 – still critical to operations in industries such as healthcare – are often totally unsupported by modern antivirus software. Because these systems often play a crucial role in executing customized ICS applications in the factory, protection of legacy devices is a mission-critical concern. TXOne’s solutions are customized for maximum ICS endpoint security without impact on productivity, and are freely adjustable to fit the needs of any ICS environment.
Endpoint protection for modernized endpoints
For modernized assets, StellarProtect combines machine learning with the ICS Root of Trust (RoT) to protect against known and unknown malware. StellarProtect also continuously monitors the system to understand how users interact with ICS applications and uses this information to intelligently determine whether applications are trustworthy and whether they should be allowed to access files, system libraries, and potentially sensitive settings or data.
StellarProtect has three main advantages:
1. StellarProtect can run in a non-connected environment and still provide protection against known and unknown attacks.
2. TXOne’s rating service collects and verifies various ICS applications and credentials and aggregates them into a database. This technology eliminates the need to scan known files and dramatically reduces the burden on the system.
3. StellarProtect learns the operational sequence of each ICS application when it runs, and creates profiles according to their operational needs. Any operation not included in this operation learning profile will be determined as suspicious and will be blocked.
We’ll be back next week with more details about Stellar’s customized defensive solution for fixed-use and legacy endpoints, StellarEnforce