Network Layout 2

The days of trying to build and scale OT networks with Traditional IT solutions are gone. Incorporating a mixture of IPSEC tunnels, port forwarding, private APN's, cell modems, Cisco, Fortinet, Palo Alto, and various other IT tools have proven to be overly complex and expensive. 

The Tosibox platform has taken all of the complexity of these traditional networking tools and automated them in 10 seconds. Reduce costs, complexity, and cybersecurity risks of traditional networking through 3 simple steps explained below.

Platform Image 1

 

STEP 1 - PLATFORM

The Tosibox Platform is your OT networks central management Hub. From your platform you can:

- Create always on VPN connections to any on prem. or hosted environment for data collection
- Manage user access down to the port, protocol, IP, or MAC ID level
- Time restrict user network access
- View a real-time user audit log
- Build access groups for simplified data, site, and user management
- Manage data connections to multiple hosted applications 

The Platform is a virtual machine that can be hosted in Azure, AWS, The Tosibox Data Center, or any other cloud or on prem. environment. It is your platform, you host it where you choose.

STEP 2 - SITES

Site installations with Tosibox edge nodes are as plug-and-go as it gets. Clip on din-rail, provide power, plug into any ethernet capable device or switch, and provide internet. Once installed, you have built in:

-Automated Firewall for network segmentation and device security
-Taken away static IP's and closed off inbound ports
-Layer 2 and 3 capable point-to-point VPN connectivity
-Remote access for your team or vendors through physical-first MFA
-Site to Cloud VPN tunnels built automatically through checkboxes
-Auto-failover between multiple internet sources (ethernet, WiFi, cellular, and/or satellite)
-Protocol agnostic, Layer 2 capable platform allows you to connect any ethernet capable devices and speak any protocol you choose.
-Have multiple sites communicate on the same network through checkboxes in the platform

Sites New 1

 

Users New 1

 

STEP 3 - USERS

Provide user access to your OT network through physical-first multi factor authentication. This takes traditional MFA (username and password) to a higher level by limiting network access to a specific device that has been serialized and approved. Adding users to your network is as simple as generating a serialization, sending it to the user, and checking boxes of what you want them to have access to. 

-Access provided through physical USB keys or software serializations for PC’s, Android, or IOS devices.
-All user access connections are through 256-bit AES encrypted VPN tunnels
-Access can be provided via Layer 2 or Layer 3 connections
-Can be restricted down to the port, protocol, MAC ID, or IP level
-User access can also be time restricted
-Access can also be provided or withdrawn immediately
-Users can have access to an unlimited number of sites or devices
-Devices can have an unlimited number of users accessing that device

 

iStock-1357436820

Try it for Yourself

If you watched the video or read through the steps above, you have just learned how to build cybersecure OT networks in seconds. The next step is to see it in action within your own application. 

Tosibox offers a 30 day risk free proof of concept that is tailor fit to your specific goals. Click the button below to schedule a PoC discussion.

 

Proof of Concept Meeting

TOSIBOX University - No Complicate Configurations Needed

These videos will explain the automation and fundamentals of your new Services Platform.
Watch the "Platform Overview" video first. Then start your step-by-step journey.
 

Additional Information

TOSIBOX University - Video Series

You are a Building Automation Master already familiar with Tosibox BAS Infrastructure technology.
Below is our Master Class Series highlighting our OEM and Application partners.
Check back often for new additions. 
 
TOSIBOX And...
 

What Can You Do?

Recommended Steps to Protect Your Operational Infrastructure

As part of a proactive cyber posture, the CISA, FBI, and NSA recommend:

Step 1: Secure all IP nodes behind an internet invisible firewall
 
Step 2: Segment operational and IT networks to prevent lateral traversing in the case of an intrusion
 
Step 3: Distribute all access control through physical first, multi-factor authentication
 
Step 4: Institute logging to audit who has accessed what and when
 
Step 5: Backup operational data to minimize downtime in the case of a destructive breach
 
 

How Tosibox Can Help

TOSIBOX Is Your Dedicated Operational Network Platform:

Step 1: Secure - Automated setup of your firewall, network, cloud connection and user access control removes human error and ensures complete cybersecurity
Step 2: Segment - Internet invisible without any static/public IPs or DNS servers, Tosibox is purpose built to support and segment your OT network.
Step 3: Access Control - Tosibox requires Physical First, MFA, allowing only trusted users to access your network
Step 4: Audit Logging - Tosibox central platform provides detailed audit logs of who access what and when.
Step 5: Backup - Your data is backed up, encrypted at rest, and ready for same day disaster recovery
 
For more information, or to set up a time to talk with a TOSIBOX OT specialist, click the contact us link at the bottom of this page.
 
 

Reframe through OT Network Automation

Automated Cybersecurity

The Tosibox Platform is a fully automated OT platform that embeds industry leading cybersecurity in every connection automatically. 

  • -Automated firewall
  • -Automated point-to-point, layer 2 and 3 capable VPN connections
  • -256-bit AES encryption
  • -No Static IPs = Internet invisible
  • -No 3rd party cloud routing
  • -User access control down to the port, protocol, or MAC ID/IP level
  • -Physical first multi-factor authentication
  • -Outbound ports only
  • -Secure boot

 

IT Approved

The Tosibox Platform has been approved by IT groups of global enterprise organizations in over 150 countries, and here is why:

  • -Fully embedded edge-to-edge OT cybersecurity
  • -No static IP or inbound ports
  • -Existing corporate & cloud firewall friendly
  • -Seamless integration with existing IT networks and applications
  • -Full IT/OT network segmentation
  • -All data packets accounted for
  • -No 3rd party cloud routing
  • -Invisible from the internet
  • -Everything cellular ready
  • -1-1 NAT, DHCP, VLAN Support, MAC Filtering, Proxy Support

 

Remote Connectivity

With the Tosibox Platform, you can create point-to-point Layer 2 or 3 capable VPN connections to equipment at the edge in 10 seconds. Once a network has been established, you can manage user access to equipment through simply checking boxes to provide new users cyber secure remote access to equipment at the edge.

The platform is also completely protocol agnostic, meaning, use any manufacturers ethernet capable equipment and speak any protocol you desire. If there is an ethernet port, it will work with Tosibox.

 

Always on Data Connectivity

Creating always on VPN connections to a hosted environment for data collection is as simple as checking boxes. No IPSEC tunnels, Static IPs, or building out port forwarding channels. The Tosibox Platform automates cyber secure, always on connectivity from equipment at the edge to your data analytics applications in the cloud or on prem.

Host your data and applications wherever you choose, that could be in the Tosibox Tier 4 OT Data Center, AWS, Azure, or in an On Prem. Server. 

You can also use whatever data applications you desire. If you already have an application built and hosted, no problem, Tosibox will seamlessly integrate. If you are looking to build your own platform, Tosibox is here to help.

 

User Access Management

Adding or removing users from the network is as simple as checking boxes to provide true physical first multi-factor authentication. This access can be time restricted, or restricted down to the port, protocol, network, or MAC ID level. 

Audit logs of user access times and devices is stored in the Tosibox platform for accurate user management and time stamps.

 

IT/OT Segmentation and Integration

The Tosibox platform was designed with OT in mind. Implementing Tosibox as your OT network solution provides full network segmentation from the IT side, setting the OT network behind its own cybersecurity. This protects your OT network from cyber vulnerabilities or attacks on the IT network. 

Even though you are creating IT/OT network segmentation with the platform, there is still capability embedded for seamless integration with existing enterprise networks and corporate applications.

 

Host with Tosibox

The Tosibox Cloud is a network of Tier 4 Datacenters. We understand the critical nature of Operational Infrastructure and Data which is why we feel our hosting EXCEEDS the out-of-the-box capabilities of the large hyperscaler platform. Highlights for the datacenter component of Tosibox Hosting and Managed Services includes:

  • -All data throughput is included
  • -Fixed Monthly Costs
  • -Encryption of Data-at-Rest
  • -Daily Incremental and Weekly Full Encrypted Backups for immediate recovery
  • -Tier 4 Datacenters with SOC2 Compliance
  • -Additional Industry certifications (e.g. HIPPA, etc.)
  • -24/7 Datacenter Support
  • -Complete Disaster Recovery Redundancy (same country)
  • -Locations in US, UK, Ireland, Australia, Singapore.
  • -Free inbound migrations of existing hosted applications 

 

Minimize Network Downtime Through Redundancy

Tosibox edge nodes can come ethernet/WiFi/Cellular (dual-sim integrated modem), and Satellite capable. We can select the best fit based on your application and network requirements. 

Within the edge node settings is the capability to set the WAN priority. This is configured with a drop down menu to automatically fail-over between multiple internet sources.

Gone are the days where you are tied to one carrier or internet source. Setting up fully-redundant networks through the Tosibox platform has been simplified and automated.

 

-Proj. Example: 

    • First Internet Source: iNet LTE Cellular
    • Second Internet Source: Verizon Cellular
    • Third Internet Source: Satellite Modem
  • The Edge Node will automatically fail-over between carriers to decrease downtime and will also rely on the higher priority sources as first choice.

 

Capable Cellular Carriers:

-TosiSim Quad Carrier Sim (More Info in images below)

-All main cellular carriers including iNet LTE

 

Want to learn more?

TOSIHappy Holidays and Best Wishes for the New Year!

CEO’s Season’s Greetings and Reflections on 2024 As we celebrate this holiday season and prepare for a new year, I want to express my deepest gratitude for your continued trust and partnership. Together, we have achieved remarkable progress, and it is your support that inspires us to keep innovating and delivering exceptional solutions. As we progress through 2024, the landscape of OT cybersecurity has seen significant changes compared to the previous years. These shifts reflect the growing comp...

Read More

Securing the Future of Manufacturing: BONNER Implements Tosibox Solution for DMI's Smart Factory

Digital Manufacturing Ireland (DMI) is an IDA supported organisation based in Limerick, Ireland focused on advancing digital manufacturing technologies. As a showcase for cutting-edge digital manufacturing solutions, DMI highlights the possibilities of modern technological advancements in the industry. BONNER, founded in 1978 in Dublin, is a leading Irish company specializing in industrial automation, calibration, and instrumentation products. They offer advanced solutions in process automation,...

Read More

What Does Tosibox Have to Do with IT? Bridge the Gap Between OT and IT

In an increasingly interconnected world, the line between Information Technology (IT) and Operational Technology (OT) continues to blur, with organizations striving to integrate these domains to create seamless, secure systems. Tosibox plays a unique role in this convergence by enabling secure connectivity solutions that not only enhance OT operations but also align closely with IT objectives. Understanding the IT and OT Divide IT typically refers to systems that process data, such as servers, c...

Read More

Tosibox Announces Partnership with Ingen, UK

Tosibox is thrilled to announce its strategic partnership with Ingen, reinforcing Ingen's dedication to delivering state-of-the-art technology that meets the highest security and efficiency standards for its clients. This collaboration is set to empower businesses across industries with robust, scalable connectivity solutions designed for today’s dynamic digital landscape. "Ingen’s experience and technical capabilities across industries like construction and utilities align perfectly with our vi...

Read More

Webinar: Streamlining Network Security: VLAN Management and Endpoint Control with Tosibox

Some of you may remember our tech webinars, netLabs. Well, now it is time we bring back the tech talk! Get ready for a deep dive into the tech behind the Tosibox Platform! This technical-focused webinar, led by Tosibox experts Martin Lorenz and Kari Hietaniva, explores the VLAN management and endpoint management capabilities of TosiControl. This webinar, or as we like to call it, netLabs, is designed for tech enthusiasts and IT professionals. In this session, you will learn how the Tosibox Platf...

Read More