Industrial OT Cyber Security
Asset visibility is at the foundation of an effective OT cyber security strategy.
Rich and complete asset visibility with intelligence-driven context
Any successful cyber security program is built on having an accurate inventory of all your operational technology (OT) and industrial control systems (ICS) responsible for managing your physical processes. Peloton engineers achieve this by rapidly deploying an agentless, non-intrusive network monitoring sensor to provide in-depth visibility of your ICS networks.
By connecting to the SPAN/mirror port of a network switch we passively establish a complete asset inventory and network baseline of normal communications. The sensor connects to a one-way mirror port, ensuring network packets only flow into the sensor to prevent any disruption to your operational processes.
Why perform an asset discovery?
What to expect with a Peloton asset discovery
The process involves four discovery methods: Physical inspection, passive traffic analysis, active scanning (if required) and configuration analysis. For each method we follow a series of steps including:
After gathering information from multiple sources, asset inventory will be updated with criticality (process operation or process safety), financial impact, availability requirement, ownership, consequence and more for each asset.
The Peloton difference
Helps verify and secure assets by mapping and visualising the relationships and communication pathways they have with one another.
Continuously evaluates and expands the breadth of protocol coverage and can provide analysis using deep packet inspection for an in-depth view of network traffic, assets and anomalies.
Integrated threat detection
Helps in gaining comprehensive threat visibility by integrating asset visibility with high fidelity threat detection capability.
Frequently Asked Questions
Asset discovery is a process to discover and get an up-to-date and accurate inventory of ICS & OT assets, including automation controllers responsible for managing physical processes. The discovery process consists of multiple steps, the most important being to rapidly deploy an agentless, non-intrusive network monitoring sensor, which will provide in-depth visibility of your ICS networks – the basis for becoming cyber resilient. By connecting to the SPAN/mirror port of a network switch, we passively establish a complete asset inventory. Peloton engineers work with your network team or service provider to determine the optimal position for the sensor. The sensor will be connected to a one-way mirror port on your network infrastructure, ensuring network packets only flow into the sensor to prevent disruptions of your operational processes.
The benefits of asset discovery are to:
- Reduce operational risks using a minimally invasive approach to minimise risk with network scanning and software agents in an ICS/OT environment.
- Gain a contextual view by analysing OT assets with their relationships and dependencies giving you an instrumental tool to protect your operations from unplanned downtime.
- Establish a baseline by analysing the routine behaviour of your environment to easily spot any deviations that could signal malicious activity.
Asset discovery is the process for getting an up-to-date and accurate visibility of ICS & OT assets, including automation controllers connected to the network. Inventory is the asset database which is an accurate catalogue of OT devices alongside existing enterprise IT assets.