Network Layout 2

The days of building OT networks with traditional IT are gone. Manual configuration with hours or days from an IT pro and expensive hardware has made these tools too costly and complex for OT.

Tosibox takes the best technologies from traditional IT and automates them specifically for OT. Eliminate cost, complexity, and cybersecurity risks by building your critical infrastructure with an OT dedicated tool.

Platform Image 1

 

STEP 1 - SERVERS

The Tosibox VCL is your SCADA agnostic networking hub. Integrate any software and secure it behind your VCL.

- Create always on VPN connections to any on-prem or cloud-hosted environment
- Manage user access down to the port, protocol, IP, or MAC ID level
- Time restrict user network access
- View a real-time user audit log
- Build access groups for simplified data, site, and user management
- Manage data connections to multiple hosted applications 

The VCL can be hosted in any virtual environment including on-prem servers, hyperscaler clouds, or the Tosibox Tier 4 data center. Host where you choose.

STEP 2 - SITES

Connect dispersed assets in 10 seconds. Connect Tosibox edge devices to internet via broadband, WiFi, cellular, or satellite then connect Tosibox LAN to your automation equipment. Every edge device includes:

-Automated Firewall for network segmentation and device security
-Internet invisible infrastructure
-Layer 2 and 3 capable point-to-point VPN connectivity
-Remote access for your team or vendors through physical-first MFA
-Site-to-Server VPN tunnels built automatically through checkboxes
-Auto-failover between multiple internet sources (ethernet, WiFi, cellular, and/or satellite)

Tosibox edge devices are agnostic to hardware. Connect any make and model of automation equipment to Tosibox LAN and communicate with your preferred protocol natively without any drivers.

Sites New 1

 

Platform Image 1

 

STEP 3 - USERS

Provide user access to servers and sites with physical first, multi-factor authenticated access control. Only users with approved, physically serialized devices and proper credentials can access Tosibox secured networks.

-Access provided through physical USB keys or software serializations for PC’s, Android, or IOS devices.
-All user access connections are through 256-bit AES encrypted VPN tunnels
-Provide access via Layer 2 or Layer 3 connections
-Restrict down to the port, protocol, MAC ID, or IP level
-Time restrict user access
-Users can have access to an unlimited number of sites or devices
-Point-to-point networks without any third-party cloud routing - you own the data

Tosibox remote access tunnels can be configured as Layer 2 which gives technicians 'from the bucket access control' from anywhere in the world. Utilize device discovery and the full capabilities of your industrial protocol as if you are directly connected to your automation equipment.

TOSIBOX University - No Complicated Configurations Needed

These videos will explain the automation and fundamentals of your new Services Platform.
Watch the "Platform Overview" video first. Then start your step-by-step journey.
 

Additional Information

TOSIBOX University - Video Series

You are a Building Automation Master already familiar with Tosibox BAS Infrastructure technology.
Below is our Master Class Series highlighting our OEM and Application partners.
Check back often for new additions. 
 
TOSIBOX And...
 

What Can You Do?

Recommended Steps to Protect Your Operational Infrastructure

As part of a proactive cyber posture, the CISA, FBI, and NSA recommend:

Step 1: Secure all IP nodes behind an internet invisible firewall
 
Step 2: Segment operational and IT networks to prevent lateral traversing in the case of an intrusion
 
Step 3: Distribute all access control through physical first, multi-factor authentication
 
Step 4: Institute logging to audit who has accessed what and when
 
Step 5: Backup operational data to minimize downtime in the case of a destructive breach
 
 

How Tosibox Can Help

TOSIBOX Is Your Dedicated Operational Network Platform:

Step 1: Secure - Automated setup of your firewall, network, cloud connection and user access control removes human error and ensures complete cybersecurity
Step 2: Segment - Internet invisible without any static/public IPs or DNS servers, Tosibox is purpose built to support and segment your OT network.
Step 3: Access Control - Tosibox requires Physical First, MFA, allowing only trusted users to access your network
Step 4: Audit Logging - Tosibox central platform provides detailed audit logs of who access what and when.
Step 5: Backup - Your data is backed up, encrypted at rest, and ready for same day disaster recovery
 
For more information, or to set up a time to talk with a TOSIBOX OT specialist, click the contact us link at the bottom of this page.
 
 

Reframe through OT Network Automation

Automated Cybersecurity

The Tosibox Platform is a fully automated OT platform that embeds industry leading cybersecurity in every connection automatically. 

  • -Automated firewall
  • -Automated point-to-point, layer 2 and 3 capable VPN connections
  • -256-bit AES encryption
  • -No Static IPs = Internet invisible
  • -No 3rd party cloud routing
  • -User access control down to the port, protocol, or MAC ID/IP level
  • -Physical first multi-factor authentication
  • -Outbound ports only
  • -Secure boot

 

IT Approved

The Tosibox Platform has been approved by IT groups of global enterprise organizations in over 150 countries, and here is why:

  • -Fully embedded edge-to-edge OT cybersecurity
  • -No static IP or inbound ports
  • -Existing corporate & cloud firewall friendly
  • -Seamless integration with existing IT networks and applications
  • -Full IT/OT network segmentation
  • -All data packets accounted for
  • -No 3rd party cloud routing
  • -Invisible from the internet
  • -Everything cellular ready
  • -1-1 NAT, DHCP, VLAN Support, MAC Filtering, Proxy Support

 

Remote Connectivity

With the Tosibox Platform, you can create point-to-point Layer 2 or 3 capable VPN connections to equipment at the edge in 10 seconds. Once a network has been established, you can manage user access to equipment through simply checking boxes to provide new users cyber secure remote access to equipment at the edge.

The platform is also completely protocol agnostic, meaning, use any manufacturers ethernet capable equipment and speak any protocol you desire. If there is an ethernet port, it will work with Tosibox.

 

Always on Data Connectivity

Creating always on VPN connections to a hosted environment for data collection is as simple as checking boxes. No IPSEC tunnels, Static IPs, or building out port forwarding channels. The Tosibox Platform automates cyber secure, always on connectivity from equipment at the edge to your data analytics applications in the cloud or on prem.

Host your data and applications wherever you choose, that could be in the Tosibox Tier 4 OT Data Center, AWS, Azure, or in an On Prem. Server. 

You can also use whatever data applications you desire. If you already have an application built and hosted, no problem, Tosibox will seamlessly integrate. If you are looking to build your own platform, Tosibox is here to help.

 

User Access Management

Adding or removing users from the network is as simple as checking boxes to provide true physical first multi-factor authentication. This access can be time restricted, or restricted down to the port, protocol, network, or MAC ID level. 

Audit logs of user access times and devices is stored in the Tosibox platform for accurate user management and time stamps.

 

IT/OT Segmentation and Integration

The Tosibox platform was designed with OT in mind. Implementing Tosibox as your OT network solution provides full network segmentation from the IT side, setting the OT network behind its own cybersecurity. This protects your OT network from cyber vulnerabilities or attacks on the IT network. 

Even though you are creating IT/OT network segmentation with the platform, there is still capability embedded for seamless integration with existing enterprise networks and corporate applications.

 

Host with Tosibox

The Tosibox Cloud is a network of Tier 4 Datacenters. We understand the critical nature of Operational Infrastructure and Data which is why we feel our hosting EXCEEDS the out-of-the-box capabilities of the large hyperscaler platform. Highlights for the datacenter component of Tosibox Hosting and Managed Services includes:

  • -All data throughput is included
  • -Fixed Monthly Costs
  • -Encryption of Data-at-Rest
  • -Daily Incremental and Weekly Full Encrypted Backups for immediate recovery
  • -Tier 4 Datacenters with SOC2 Compliance
  • -Additional Industry certifications (e.g. HIPPA, etc.)
  • -24/7 Datacenter Support
  • -Complete Disaster Recovery Redundancy (same country)
  • -Locations in US, UK, Ireland, Australia, Singapore.
  • -Free inbound migrations of existing hosted applications 

 

Minimize Network Downtime Through Redundancy

Tosibox edge nodes can come ethernet/WiFi/Cellular (dual-sim integrated modem), and Satellite capable. We can select the best fit based on your application and network requirements. 

Within the edge node settings is the capability to set the WAN priority. This is configured with a drop down menu to automatically fail-over between multiple internet sources.

Gone are the days where you are tied to one carrier or internet source. Setting up fully-redundant networks through the Tosibox platform has been simplified and automated.

 

-Proj. Example: 

    • First Internet Source: iNet LTE Cellular
    • Second Internet Source: Verizon Cellular
    • Third Internet Source: Satellite Modem
  • The Edge Node will automatically fail-over between carriers to decrease downtime and will also rely on the higher priority sources as first choice.

 

Capable Cellular Carriers:

-TosiSim Quad Carrier Sim (More Info in images below)

-All main cellular carriers including iNet LTE

 

Want to learn more?

TOSIHappy Holidays and Best Wishes for the New Year!

CEO’s Season’s Greetings and Reflections on 2024 As we celebrate this holiday season and prepare for a new year, I want to express my deepest gratitude for your continued trust and partnership. Together, we have achieved remarkable progress, and it is your support that inspires us to keep innovating and delivering exceptional solutions. As we progress through 2024, the landscape of OT cybersecurity has seen significant changes compared to the previous years. These shifts reflect the growing comp...

Read More

Securing the Future of Manufacturing: BONNER Implements Tosibox Solution for DMI's Smart Factory

Digital Manufacturing Ireland (DMI) is an IDA supported organisation based in Limerick, Ireland focused on advancing digital manufacturing technologies. As a showcase for cutting-edge digital manufacturing solutions, DMI highlights the possibilities of modern technological advancements in the industry. BONNER, founded in 1978 in Dublin, is a leading Irish company specializing in industrial automation, calibration, and instrumentation products. They offer advanced solutions in process automation,...

Read More

What Does Tosibox Have to Do with IT? Bridge the Gap Between OT and IT

In an increasingly interconnected world, the line between Information Technology (IT) and Operational Technology (OT) continues to blur, with organizations striving to integrate these domains to create seamless, secure systems. Tosibox plays a unique role in this convergence by enabling secure connectivity solutions that not only enhance OT operations but also align closely with IT objectives. Understanding the IT and OT Divide IT typically refers to systems that process data, such as servers, c...

Read More

Tosibox Announces Partnership with Ingen, UK

Tosibox is thrilled to announce its strategic partnership with Ingen, reinforcing Ingen's dedication to delivering state-of-the-art technology that meets the highest security and efficiency standards for its clients. This collaboration is set to empower businesses across industries with robust, scalable connectivity solutions designed for today’s dynamic digital landscape. "Ingen’s experience and technical capabilities across industries like construction and utilities align perfectly with our vi...

Read More

Webinar: Streamlining Network Security: VLAN Management and Endpoint Control with Tosibox

Some of you may remember our tech webinars, netLabs. Well, now it is time we bring back the tech talk! Get ready for a deep dive into the tech behind the Tosibox Platform! This technical-focused webinar, led by Tosibox experts Martin Lorenz and Kari Hietaniva, explores the VLAN management and endpoint management capabilities of TosiControl. This webinar, or as we like to call it, netLabs, is designed for tech enthusiasts and IT professionals. In this session, you will learn how the Tosibox Platf...

Read More