In This Article:
KVH Industries has introduced the CommBox Edge Secure Suite, an advanced service aimed at enhancing cybersecurity threat detection and response for maritime operations.
This new offering is designed to identify, prevent, and report cybersecurity threats, actively blocking harmful traffic in real time to safeguard vessel communications and network security.
The CommBox Edge Secure Suite is available as a service option within the CommBox Edge platform, which serves as a comprehensive management tool for maritime IT professionals.
It is compatible with both the CommBox Edge 6 and Edge 2 belowdeck appliances, as well as the CommBox Edge virtual machine option, providing a better upgrade to the existing capabilities of the CommBox Edge.
This platform allows users to manage a variety of wide area network (WAN) options, including very small aperture terminal (VSAT), low earth orbit (LEO) services, and 5G cellular networks, all supported by the KVH ONE global network.
The CommBox Edge system can accommodate up to 30 onboard local area networks and provides secure remote access to networked devices, high-speed virtual private network (VPN) links, and deep packet inspection.
KVH global sales senior vice president Chad Impey said: “CommBox Edge Secure Suite is designed for rapid, easy, and affordable deployment while delivering advanced detection, prevention, and reporting capabilities.”
The Secure Suite utilises advanced cybersecurity technologies, including Cisco Talos, which focuses on both emerging and existing cyber threats.
This integration allows the Secure Suite to effectively recognise and respond to new threat identifiers and patterns.
Additionally, Cisco Snort is employed to monitor and analyse malicious network traffic in real time, utilising Cisco Talos rulesets to enhance threat identification and mitigation.
Key features of the Secure Suite include an intrusion prevention system (IPS), active quarantine capabilities, and a cloud-based threat dashboard.
These components work together to reduce cyber risks associated with vessels, networks, and crews. The service is structured around three main functions, including detection, prevention, and reporting.
The IPS monitors traffic for suspicious patterns and known attack signatures, responds to malicious actions by blocking harmful traffic, and generates alerts for administrators.
The threat dashboard captures detailed threat logs and reports this information to an offsite security information and event management (SIEM) system or security operations centre (SOC) for further analysis.