Essential Capabilities for ICS Cyber Security and Operational Visibility


Asset Inventory and Network Visualization
With Guardian*, you can improve system and
process awareness with a visualization interface
that shows all assets and links. Guardian* offers
automated discovery of network assets, helping
staff save time and gain up-to-date visibility. Using
passive, non-intrusive deployment, Guardian*
connects to network devices via SPAN or mirror
ports. In addition, the solution triggers automated
alerts when it detects anomalies and changes and
offers views that make it easy to drill down on asset
information.
Vulnerability Assessment
Guardian* automates the identification of device
vulnerabilities, which means your team can save
time and improve cyber resiliency.
Dashboards and Reporting
Featuring built-in and customizable dashboards,
detailed reports, and ad-hoc querying capabilities,
Guardian* provides intuitive, real-time visibility
that improves both cyber security and operational
efficiency.
Sample Deployment Architecture
A representative Guardian* deployment architecture
Anomaly and Threat Detection
Guardian* provides the advanced features that
enable your team to rapidly detect cyber security
threats, risks, and process anomalies. Guardian*
switches from learning to protection mode
automatically, helping speed anomaly detection.
Once in protection mode, you’ll be alerted to any
changes in your environment. For example, the
system can generate alerts if new assets connect
to the network or changes are made in process
variables.
The solution employs multi-faceted capabilities
to identify threats through built-in behavior-based anomaly detection and contextual threat
information from the OT ThreatFeed service.
OT ThreatFeed is an additional subscription
service that includes rules, signatures, and other
indicators to help you detect new and emerging
threats. With this complete ICS security solution,
your team can detect:
• Malware, ransomware, and other malicious software
• Zero-day attacks
• Complex threats and attacks
• Man-in-the-middle attacks
• Brute-force and DDoS attacks