Application Control Software – Also known as “whitelisting,” this software blocks unauthorized

applications and code on PCs and RTUs. ACE3600 firmware protects user programs with this technique,

and ACE3600 configuration management tools on PCs are protected with McAfee™ Solidifier.

Encryption – An algorithm makes data readable only by a device with a specific key to decrypt the

message. Data stored within the ACE3600 is also encrypted using a 256 bit AES (Advanced Encryption

Standard), meeting FIPS 140-2 Level 1 requirements.

Unused Port Deactivation – Disable communication for any ports that are unused, closing a point of

access that could be exploited by attackers.

Time-Window Commands – When an application generates a command, it assigns a time window; after

the time expires, system components will not execute the command.

This can prevent replicating errors and commands of questionable origin from affecting the network.