Sectigo and Green Hills Software Partner to Help Manufacturers Protect Endpoint Devices

November 9, 2020 Tiera Oliver

Sectigo and Green Hills Software announce a global reseller agreement. The agreement enables Green Hills Software to offer Sectigo's Icon LabsTM Embedded Firewall, integrated, and optimized for use with Green Hills Software's INTEGRITY real-time operating system (RTOS) and its embedded high-performance TCP/IP v4/v6 host and router networking stack.

Per the companies, the pairing strengthens Green Hills Software's internet-connected platform solutions with the expanded networking security required in today's connected systems responsible for critical functions for automotive, industrial, medical, transportation, and mil/aero industries.

The INTEGRITY RTOS microkernel architecture is designed for critical embedded systems demanding proven separation, security, and real-time determinism. According to the companies, the operating system's separation architecture helps manufacturers safely and securely partition software running at different levels of criticality. For critical functions, INTEGRITY assures secure and real-time execution by means of partitions that deliver freedom-from-interference and guaranteed system resources.

The Sectigo Icon LabsTM Embedded Firewall enjoys widespread global adoption, combining configurable features to detect and contain cyberattacks.

Configurable filtering policies - Uses configured filtering rules to control the filtering engine. The rules provide complete control over the type of filtering performed and the specific criteria used to filter packets. Rules can be configured for:

  • Static filtering rules for IP address, MAC address, port number, and protocol number
  • Block list and allow list filtering modes
  • DPI filtering rules for message type, message contents, and message source
  • Threshold-based filtering criteria
  • Independently enabling and disabling static filtering, dynamic filtering, DPI filtering, and threshold-based filtering

EDSA Compliance support - Serves as an important building block for achieving EDSA compliance for embedded devices, providing support for many capabilities mandated by EDSA-311:

  • Protocol fuzzing and replay attack protection
  • Data flooding protection
  • Denial of service protection
  • Notification of attacks
  • Disabling of unused ports

Logging and alerting - Maintains a log of security events and policy violations, enabling command audits and forensic investigation to determine the source of an attack.

Management system integration - Incorporates an agent that enables remote management from an enterprise security manager system, or to other Security Information and Event Management (SIEM) systems. This integration provides:

  • Centralized management of security policies
  • Situational awareness and device status monitoring
  • Event management and log file analysis

Intrusion detection and prevention - Blocks all unused ports and protocols, limiting the attack surface hackers can exploit. Logging packets that violate configured filtering rules enables detection of unusual traffic patterns, traffic from unknown IP addresses, and other suspicious behavior.

Green Hills Software's internet-connected platforms are integrated and optimized with Sectigo's embedded firewall and are available today.

For more information, visit: https://www.ghs.com/go/icon-labs

About the Author

Tiera Oliver, edtorial intern for Embedded Computing Design, is responsible for web content edits as well as newsletter updates. She also assists in news content as far as constructing and editing stories. Before interning for ECD, Tiera had recently graduated from Northern Arizona University where she received her B.A. in journalism and political science and worked as a news reporter for the university's student led newspaper, The Lumberjack.

Follow on Twitter Follow on Linkedin Visit Website More Content by Tiera Oliver
Previous Article
Embedded Toolbox: The Ins and Outs of IP Protection for Embedded Systems
Embedded Toolbox: The Ins and Outs of IP Protection for Embedded Systems

One common denominator in the cybersecurity engineering challenge is that security engineering is typically...

Next Article
Toradex joins BlackBerry QNX Channel Partner Program to Deliver Safety-Critical and Secure Software Solutions
Toradex joins BlackBerry QNX Channel Partner Program to Deliver Safety-Critical and Secure Software Solutions

Toradex supports the design and development of secure, mission-critical embedded solutions using BlackBerry...