Tofino NetConnect LSM
Secure remote configuration
- Convenient and reliable configuration
- Tofino SA discovery
- Validation and auditing of field configurations
The Tofino NetConnect LSM lets the Tofino Configurator and the Tofino Security Appliance communicate securely over any network. This allows you to discover unconfigured Tofino Security Appliances on the network, and apply and verify their configuration—all from your PC without having to physically visit the hardware devices in the field.
The Discovery feature lets you find the Tofino Security Appliances on your network that were installed straight out of the box. Field technicians don’t need to enter an IP address or set any dip switches. Tofino Discovery works over any IP-based network, including wide area networks and routed LANs.
Once the configurations for a group of Tofino Security Appliances are defined in the Tofino Configurator, the NetConnect LSM lets you securely transfer those configurations to the devices in the field. The Verify command lets you record and verify the configuration of any Tofino Security Appliance, ensuring that the data in the hardware matches all information in the software database.
Summary
Saves You Money Through:
- Easy and reliable remote configuration of your Tofino Security Appliances
- Simple validation and auditing of all field configurations
- Reduced maintenance and training costs for field installation of firewalls
Features
- Stealthy IP address-free discovery and configuration over routed networks
- Configuration and validation of multiple Tofino Security Appliances
- Simultaneous configuration and verification ensures system compliance
- Automatic downloading of log and diagnostic files
- Secure auditing of all changes to firewall configurations
Application
- Configuration of devices in remote locations, such as off-shore platforms and electrical substations
- Configuration in sites where skilled security staff are unavailable
- Compliance to standards like NERC CIP that require confirmation of firewall configurations in the field
Specifications
Automatic Discovery
Discover unconfigured Tofino Security Appliances on any IP-based network, including networks with existing routers or firewalls
Secure Communication
- Uses secure SSH encryption technology to configure each Tofino Security Appliance
- Unique keys generated for every Tofino Security Appliance
Multiple Device Configuration
Select one or many Tofino Security Appliances to simultaneously apply the device configurations across a plant
Verification
Remote verification of firmware versions and configurations, including version tracking and checksum validation
Log and Diagnostic File Download
Remotely download event log and diagnostic files over the network
Stealth Addressing
Uses Tofino’s patented IP address-free communications technology
Operating Modes
All standard Tofino modes supported:
- Test: all traffic allowed; alerts generated as per user rules
- Operational: traffic filtered and alerts generated as per user rules
Upgrading Firmware
Upload new firmware to Tofino Security Appliances over the network
Auditing
- Automatic auditing of user activity, including configuration changes to either the database or the in-field Tofino Security Appliances
- All configurations signed to detect tampering or out of sync systems
System Requirements
- Tofino Security Appliance
- Tofino Configurator software
- Tofino Firewall LSM
Ordering Information
Tofino™ NetConnect LSM: Part number 942 016-119
Additional information:
