Tofino NetConnect LSM

Secure remote configuration

  • Convenient and reliable configuration
  • Tofino SA discovery
  • Validation and auditing of field configurations

The Tofino NetConnect LSM lets the Tofino Configurator and the Tofino Security Appliance communicate securely over any network. This allows you to discover unconfigured Tofino Security Appliances on the network, and apply and verify their configuration—all from your PC without having to physically visit the hardware devices in the field.

The Discovery feature lets you find the Tofino Security Appliances on your network that were installed straight out of the box. Field technicians don’t need to enter an IP address or set any dip switches. Tofino Discovery works over any IP-based network, including wide area networks and routed LANs.

Once the configurations for a group of Tofino Security Appliances are defined in the Tofino Configurator, the NetConnect LSM lets you securely transfer those configurations to the devices in the field. The Verify command lets you record and verify the configuration of any Tofino Security Appliance, ensuring that the data in the hardware matches all information in the software database.

Summary

Saves You Money Through:

  • Easy and reliable remote configuration of your Tofino Security Appliances
  • Simple validation and auditing of all field configurations
  • Reduced maintenance and training costs for field installation of firewalls

Features

  • Stealthy IP address-free discovery and configuration over routed networks
  • Configuration and validation of multiple Tofino Security Appliances
  • Simultaneous configuration and verification ensures system compliance
  • Automatic downloading of log and diagnostic files
  • Secure auditing of all changes to firewall configurations

Application

  • Configuration of devices in remote locations, such as off-shore platforms and electrical substations
  • Configuration in sites where skilled security staff are unavailable
  • Compliance to standards like NERC CIP that require confirmation of firewall configurations in the field

Specifications

Automatic Discovery

Discover unconfigured Tofino Security Appliances on any IP-based network, including networks with existing routers or firewalls

Secure Communication

  • Uses secure SSH encryption technology to configure each Tofino Security Appliance
  • Unique keys generated for every Tofino Security Appliance

Multiple Device Configuration

Select one or many Tofino Security Appliances to simultaneously apply the device configurations across a plant

Verification

Remote verification of firmware versions and configurations, including version tracking and checksum validation

Log and Diagnostic File Download

Remotely download event log and diagnostic files over the network

Stealth Addressing

Uses Tofino’s patented IP address-free communications technology

Operating Modes

All standard Tofino modes supported:

  • Test: all traffic allowed; alerts generated as per user rules
  • Operational: traffic filtered and alerts generated as per user rules

Upgrading Firmware

Upload new firmware to Tofino Security Appliances over the network

Auditing

  • Automatic auditing of user activity, including configuration changes to either the database or the in-field Tofino Security Appliances
  • All configurations signed to detect tampering or out of sync systems

System Requirements

Ordering Information

Tofino™ NetConnect LSM: Part number 942 016-119


Additional information:

Tofino NetConnect LSM Datasheet