Cybersecurity Suite
Network MouseTrαp-
Advanced Honeypot

VCL Products > Cybersecurity Suite > Network MouseTrαp
UNMS Supported
1U - 19-inch Rack Mount Version
DIN Rail Version
1U - 19-inch Rack Mount Version
DIN Rail Version

VCL-2143, Network MouseTrαpTM an Advanced Honeypot (Network Intrusion Detector)

Get Data Sheet

VCL Network-MouseTrαpTM is an essential network security tool that sits behind the firewall in a secure environment to detect firewall breaches and unauthorized intrusions in that network. VCL Network-MouseTrαp™ is an advanced “honeypot” / “decoy server” that can be programmed by the user to emulate various types of IEDs, such as Protection Relays, RTUs, or payment gateways, etc., and forms an essential part of the digital forensics kit that may be installed in secure critical infrastructure such as in substations, Smart Grid Distribution Systems, airport and railway IT networks, and financial infrastructure such as banks and payment processing gateways, to “alert” the network administrator of hostile intrusions and firewall breaches.

Security Features and Highlights:

  • Emulations: May be programmed by the user to emulate various types of targets, such as a protection relay, RTU, or Payment Gateway etc. to lure an unsuspecting intruder.
  • White-List option: Sends an alert when the IP address or IP domain is accessed by any entity not in the user-programmed whitelist.
  • Blacklist option: Sends an alert when the IP address or IP domain is accessed by any entity originating from the user-programmed blacklist.
  • User-Programmed Filters: Port (Soft)-Based, IP Address-Based, and IP Domain-Based
  • SNMP trap generation for transmitting security alerts over a secured IP network.
  • Dry contact alarm output.
  • Out-of-band security alerts transmitted over a serial RS232/RS485 interface. RS232/RS485 output that may be wired to a VCL-2702 (1G)/VCL-5072 (10G) Network Kill-Switch to disconnect and isolate the WAN from the LAN in the event of the detection of a “firewall” breach.
  • Alternately, the RS232/Dry Contact Alarm Relay Output from VCL-2143, Network MouseTrαp may be wired to VCL-2778 (1G) or VCL-5078 (10G), Network Failover Switch, to switch the network to a standby (redundant) firewall event of the detection of a breach of the “primary firewall.”
  • Integrated audio and visual alarms with alarm acknowledgment button.
  • Non-volatile access log with the capability to "fingerprint" all access attempts and keep a log of the IP addresses and domain for forensic analysis by the network administrator
  • Resistance to Denial of Service (DoS) Attacks.

Universality of Purpose and Ease of Use:

  • Seamless scalability
  • Infrastructure neutral
  • Transparent to networks and network applications
  • Easy installation and management

Interfaces:

  • Total Number of System Interfaces: 2
    • 1 x 10/100 RJ45 Network-MouseTrαpTM “Decoy-Server / Honey-Pot” Network Interface
    • 1 x 10/100 RJ45 Network-MouseTrαpTM Secured Network Remote Management Interface
  • Dry-Contact Relay Alarm Output.
  • RS232/RS485 output that may be wired to a VCL-2702 Network Isolation Kill-Switch to disconnect the WAN from the LAN in the event of the detection of a firewall breach.
  • Application Note #1: The RS232 or Dry Contact Alarm Relay Output may be wired to a VCL-2778 (1G) / VCL-5078 (10G) Network Failover Switch to switch the network to a standby (redundant) firewall event of the detection of the primary firewall breach.
  • Application Note #2: The RS232 or dry contact alarm relay output may be wired to a VCL-2702 (1G) / VCL-5072 (10G) network kill-switch-switch to isolate the critical assets in the event of the detection of a network intrusion breach.
  • Out-of-band security alerts
  • USB serial port for local access and configuration.

Security, Monitoring, and Access Control:

  • Password protection with password strength monitor
  • Device Management and Alarm Monitoring
  • Command Line Interface—SSH (Secure Access Control) with encrypted password protection, Telnet (with clear text disable option)
  • SNMPv2 and SNMPv3 Traps and NMS for secure, real-time remote monitoring
  • Alarm condition detection/reporting (SNMP traps/SNMP alarm table)
  • Integrated Audio and Visual Alarms with Alarm Acknowledgement Button
  • Dry Contact Alarm Relay for connecting External Audio/Visual Alarms
  • Syslog, Audit Log
  • Secure Boot
  • Encrypted Firmware Updates
  • Optional Integrated NMS (Network Management Software). Provides access to all Valiant's cybersecurity products through a single NMS.

Power:

  • Power: 15V DC to 60V DC.
  • Power consumption: 9W at maximum load
  • 100~240VAC, 50/60Hz (external adapter)
  • 85VbDC ~ 250V DC (external adapter)
  • 1+1 redundant (AC and/or DC) power supply option is available for the 19-inch rack mount version.

Command Language:

  • English text commands
  • GUI (Graphical User Interface)—English

LED Indicators:

  • System Status LED and Power LED
  • Intrusion Detection Alarm LED

Regulatory:

  • Emissions: As per CISPR 32 / EN55032 Class A
  • FCC: Part 15 Subpart A
  • Immunity: EN55024, EN61000
  • RoHS
  • CE

Compliance:

  • Meets CE requirements
  • Complies with FCC Part 68 and EMC FCC Part 15 and CISPR 32 Class A
  • Operation ETS 300 019 Class 3.2
  • Operation ETS 300 019 Class 3.2
  • Transportation ETS 300 019 Class 2.3

Physical and MTBF:

  • DIN-Rail Industrial (IP50) Chassis.
  • Optional 1U Ruggedized Industrial 19-Inch Rack Mount Chassis.
  • Height x Depth x Width: 42 mm x 175mm x 168 mm
  • Weight: <1 Kg
  • MTBF: ≥ 280,000 hours

Applications:

  • The VCL-2143, Network MouseTrαpTM, may be used to secure critical infrastructure, such as substations, smart grid distribution systems, airport and railway IT Networks, as well as Financial Infrastructure such as banks and payment processing gateways.

May be used to secure:

  • Utilities: Power generation, power transmission, and power distribution systems
  • Smart Grid: Power Distribution Systems
  • Oil & Gas pipelines and production facilities
  • Remote nodes in a SCADA network
  • Railway and Airport Infrastructure
  • Financial infrastructure such as banks and payment processing gateways
  • IT Networks of Law Enforcement Agencies.

To detect network breaches/network intrusion in real-time Typical Network Management System (NMS) Architecture

Network Mousetrap
mousetrap
Mechanical Drawing (PDF)

UNMS (Unified Network Management System)

  • Secure (supports TLS/SSL for encrypting connections between devices)
  • Permission-based security
  • Uses Software Defined Perimeter (SDP), the username/password login are replaced with Single-Packet Authorization (SPA) and the receiving device cannot be seen by hackers. This introduces an additional layer of security and is beneficial with or without SSL/TLS.
  • Guaranteed message delivery (no data loss or duplication of data)
Read more