One of the very first things that is important for making an OT environment safe is making an inventory of the equipment such as PLCs, HMIs, SCADA systems, switches, and so on. In addition, it is important to know which communication flows exist from and to the aforementioned OT assets so that firewall policies can be made at a later stage.
Especially in large, distributed environments, it is often difficult to get a clear overview of the OT assets, related vulnerabilities and mutual traffic flows. Documentation is often outdated and the knowledge of the factory is in the minds of employees.
Asset management is the foundation of a cyber-secure OT environment. But also at the basis of Industry 4.0 applications. After all, you want to collect data from as many measuring points as possible – but then you have to know which measuring points there are!
Because it is impossible in most environments to ‘manually’ get an overview of all installed equipment, it is inevitable to use technology. And luckily it’s not complicated! A sensor (physical or virtual) can easily be connected to the network, which passively listens in to the traffic flows. In this way it becomes clear which OT assets there are, what their vulnerabilities are, and which communication flows there are – the latter is essential for segmenting the network, but also for identifying unknown traffic flows and detecting from malware. A link can then be made with an existing CMDB so that it is automatically provided with the correct information.
The challenge is to connect the sensor to the right place(s) in the network. Because the network is passively listened to, it is only possible to monitor where traffic passes. Of course we can help with this.
Would you like more information about the possibilities to get an automated overview of the OT environment? If you fill in some information below, you will receive an extensive brochure in your mailbox, including a number of tips to get started right away!