logo

 

slogan

Floodgate AGENT

Overview

 

Floodgate™ Agent enables embedded devices to integrate with security management systems, allowing them to operate as trusted, managed network elements. The Floodgate Agent is designed specifically to run on RTOS-based systems and provide integration with Icon Labs Floodgate Manager, the McAfee ePO management system, or other management systems.

 

The Floodgate Agent supports policy management, event reporting, remote firmware updates and situational awareness for RTOS based devices. This enables IT/OT convergence as OT devices can now operate as standard, managed IT assets.

 

Features

The Floodgate Agent is written in portable C code, allowing it to be easily ported to any embedded OS. The Floodgate Agent provides:

Integration with the McAfee ePO & SIEM
Integration with Icon Labs Floodgate Manager
Extensible to allow support for other management systems
Security policy management
Event notification
Event reporting API supports device and application specific events
Audit log support
Situational awareness
Secure remote firmware updates
Remote Key Management

 

Secure remote firmware updates

The Floodgate Agent is integrated with the Floodgate Secure Boot and IDS modules to enable secure remote firmware updates. The Floodgate Agent also supports TPM integration for key management and storage of validated firmware updates.

The Floodgate Agent secure firmware update module provides:

Remote firmware download/storage
Firmware validation
Writing validated firmware and signatures to secure flash
Device restart
Notification of attempts to install unauthorized firmware
This process insures that only firmware from the device OEM can be installed on the device.

 

Floodgate Security Framework Integration

 

The Floodgate Agent is a component of Icon Labs Floodgate Security Framework (FSF). FSF provides key security building blocks for embedded devices, including secure boot, intrusion detection, secure remote firmware updates, and an embedded firewall.

 

The Floodgate Agent can be used as a standalone component or integrated with the FSF to provide security policy management, situational awareness, event reporting and command audit log support.

 

 

 

 

 

 

Floodgate VM architecture

The Floodgate Agent is a portable lightweight agent that is integrated into RTOS-based embedded endpoint. The Floodgate Agent integrates directly with management systems such as Icon Labs Security Manager.

For security management systems such as the McAfee ePO that require a larger, less portable agent, the Floodgate Proxy solution provides the necessary integration. The McAfee Agent and Floodgate Proxy software run on the Floodgate VM and handle all ePO specific communication requirements. This architecture isolates the RTOS agent from any vendor specific requirements and enabling integration to various management systems with the lightweight agent.