Bayshore Expands its Security Product Family to Include Bilateral Security

May 25, 2021 by Alessandro Mascellino

Industrial security expert Bayshore Networks announced an expansion of its NetWall product line.

The latest addition to the NetWall family is dubbed NetWall BSG (Bilateral Security Gateway) and builds on the existing NetWall USG (Unidirectional Security Gateway) version.


Video used courtesy of Bayshore


The new model is already available on Bayshore’s website.


The NetWall Product Family

Bayshore’s NetWall family products are firstly designed to offer companies Open Platform Communications Unified Architecture (OPC UA) support. OPC UA refers to a platform-independent, service-oriented architecture released in 2008 to integrate all the functionality of the individual OPC Classic specifications into one extensible framework.


Bayshore NetWall BSG. Image used courtesy of Bayshore


OPC UA encompasses the original design specification goals of functional equivalence, platform independence, security, extensibility, and comprehensive information modeling. By adhering to these standards, the NetWall solutions offer compatibility with several SCADA systems using OPC UA as one of their core transport options.

This, in turn, enables unilateral replication between server nodes in these systems, with full fidelity of the entire schema and no risk of controls being inserted from the destination network. Moreover, all NetWall products shield and isolate critical assets and sensitive networks from cyberattacks and misuse when installed, thus increasing the overall security of a given system.


Building on the NetWall USG

Both NetWall USG and BSG support real-time file and data replication outside the electronic perimeter to corporate business systems. They can transfer control systems data, log files, database records, and other pertinent data to IT data centers, security operation centers (SOCs), and cloud-based data storage.

Both gateways come in 50 MB, 100 MB, and 1 GB capacity, costing respectively $15K, $20K, and $30K.


The BSG consists of two devices: a blue one for the trusted site, and a red one where data is sent with no return path. Image used courtesy of Bayshore


The new BSG, however, introduces a new feature allowing the system to receive data replies from selected destinations on the untrusted network. This happens via a TCP connection started from the trusted network to a destination (like a Microsoft SQL Server, for instance) on the untrusted network.

The destination may then respond with data back to the initiator. Still, no connection can be initiated from the untrusted network back to the trusted network to ensure a high level of security during data transfers.


Supporting Secure Industrial Networking

Gateways are utilized in several industrial automation applications, but today’s most common is bridging PLC systems from different manufacturers and segmenting networks. The new NetWall BSG aims to be an efficient tool for deployment in both applications.

Bayshore’s goal is to innovate pragmatic, cost-effective solutions for their customers’ needs. The expanded NetWall product provides customers with one vendor throughout multiple pain points in ICS/OT networks. 

In addition, with the release of NetWall BSG, Bayshore is effectively adding new capabilities to its Modular Industrial Controls Cyber Security product line, now offering both unidirectional and bilateral security gateways.

“No company is offering channel partners the wide optionality of OT/ICS Cyber Security products under one umbrella like Bayshore does,” the company’s CEO, Kevin Senator, said.

View the NetWall BSG datasheet for more information. Do you think the latest gateway by Bayshore is secure enough for all the recent cyber attacks on ICS?