Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Choosing an OT Security Solution? Here Are the 7 Questions to Ask

Look before you leap is excellent advice for security leaders to heed before they select security solutions to reduce Cyber Exposure in Operational Technology (OT) environments. And, who is better qualified to deliver that advice than Gartner?

Gartner recently published a research note, 7 Questions SRM Leaders Aren’t Asking OT Security Providers During Technology Selection, to help you define important requirements for OT security that you might have overlooked. I’ll outline how Tenable Industrial Security can help you address each question Gartner asks in the research report.

#1. “Is the solution vendor-agnostic?”*

Supporting a variety of Industrial Control System (ICS) assets requires an understanding of a variety of protocols. Tenable Industrial Security monitors a wide variety of protocols commonly used by OT devices, including BACnet, CIP, DNP3, Ethernet/IP, ICCP, IEC 69-0870-5-104, IEC 60850, IEEE C37.118, Modbus/TCP, OPC, openSCADA, PROFINET, Siemens S7 and more.

However, protocol support is just the start – support for your specific OT devices is also required. Industrial Security supports systems from dozens of manufacturers, including Siemens, ABB, Emerson, GE, Honeywell, Rockwell/Allen-Bradley and Schneider Electric. Additionally, Tenable commonly works with customers to add support for specific devices, as needed.

#2. “Does the solution provide asset discovery to enable operational continuity and system integrity?”*

Asset discovery is core to virtually all OT compliance requirements and best practices. Asset discovery is challenging in IT environments. It’s even more difficult in OT environments because actively scanning OT networks can disrupt or degrade operations. Therefore, Gartner recommends, “Ensure the solution passively scans and analyzes industrial network communications, provides information about network assets, provides advanced anomaly detection, and alerts in real time for any threat to operational continuity and system integrity.”*

Industrial Security includes Nessus Network Monitor passive sensors, which safely and continuously monitor OT networks to detect and identify assets active on the network. They detect new assets added to the network, passively determine the operating system and display machine-to-machine connections.

#3. “Does the solution detect and alert on known common vulnerabilities and exposures?”*

Gartner’s research note says, “A platform that incorporates known CVE discovery into the security policy will provide faster detection, as well as provide value from Day 1 of its deployment.”* Industrial Security patented vulnerability analysis technology identifies vulnerabilities in sensitive OT systems that cannot be actively scanned due to the risk of disruption or performance impact. Reports present the vulnerability information is a variety of formats. And alerts for critical vulnerabilities can be sent to SIEMs.

#4. “Can the solution evolve from mirror-mode to in-line security?”*

Gartner states, “SRM leaders in many industries will typically prefer to deploy their OT security systems in passive, detection-only mode (mirror-mode), while disabling active preventive capabilities, as older PLCs will stop working when any unexpected traffic touches them. This is a sensible starting point, which reduces the risk of unplanned impact on the operational technology network. However, in certain industrial control systems, as these leaders gain trust with their solution configuration, they will often want to evolve to in-line deployment, which provides some level of active prevention.”* This evolution allows you to increase the depth of detection and analysis where it makes sense.

In addition to Industrial Security passive detection and analysis, Tenable.io Vulnerability Management offers both active scanning and agents for use with IT-based and other robust assets deployed in OT environments. You can easily evolve your approach as you gain confidence.

#5. “Does your solution provide IT support in addition to OT?”*

Gartner states that, “Most OT attacks in the last 10 years started at the more accessible IT network. Security vendors that provide both IT and OT detection may detect an attack at earlier stages, before it enters the OT network, allowing more time to respond and remediate. Obviously, the solutions under consideration must support unique OT security needs, such as protecting OT protocols, supplier remote access to OT equipment and deep packet inspection (DPI). But in addition to OT detection, IT detection, monitoring, and visibility capabilities must be supported as well.”*

Tenable understands that interconnected OT and IT systems cannot be secured in isolation. Our solutions span Industrial-IoT/ICS/SCADA, the cloud and traditional IT, including network devices.

#6. “Does your solution support secure IT/OT alignment?”*

This question addresses the trend to use IT infrastructure in OT architecture layers and the potential risk of using IT security practices and technology that may not be well-suited to OT.

Tenable understands that active security technologies appropriate for IT environments may disrupt and/or degrade performance in OT environments. We’ve provided both active and passive technologies for more than 10 years, and the passive technology understands OT-related protocols.

#7. “Is the solution designed to live in an OT environment from a hardware or operating environment perspective?”*

Industrial Security can be installed on your choice of hardware, including rugged servers designed to operate in harsh conditions. Industrial Security implementations are configurable to meet your network and physical architecture requirements. For example, you can install Industrial Security at each of multiple sub-stations and roll up the results to a master instance for overall visibility.

Please take 10 minutes to read a complimentary copy of Gartner’s research note, 7 Questions SRM Leaders Aren’t Asking OT Security Providers During Technology Selection. If you’d like to discuss your OT security needs, contact us now.

Read Gartner's Research Note

*Gartner, “7 Questions SRM Leaders Aren't Asking OT Security Providers During Technology Selection,” Saniye Burcu Alaybeyi, 11 January 2018.

Ähnliche Artikel

Abonnieren Sie den Tenable Blog

Abonnieren
Kostenlos testen Jetzt kaufen

Testen Sie Tenable.io

60 TAGE KOSTENLOS

Wir bieten Ihnen vollen Zugriff auf eine moderne, cloudbasierte Schwachstellen-Management-Plattform, mit der Sie alle Ihre Assets mit beispielloser Genauigkeit sehen und nachverfolgen können. Melden Sie sich jetzt an.

Tenable.io kaufen

Wir bieten Ihnen vollen Zugriff auf eine moderne, cloudbasierte Schwachstellen-Management-Plattform, mit der Sie alle Ihre Assets mit beispielloser Genauigkeit sehen und nachverfolgen können. Erwerben Sie noch heute Ihre jährliche Subscription.

65 Assets

$2,275.00

Jetzt kaufen

Kostenlos testen Jetzt kaufen

Testen Sie Nessus Professional kostenlos

7 TAGE KOSTENLOS

Nessus® ist der umfassendste Schwachstellen-Scanner auf dem Markt. Nessus Professional unterstützt Sie bei der Automatisierung des Scan-Prozesses, spart Zeit in Ihren Compliance-Zyklen und ermöglicht Ihnen die Einbindung Ihres IT-Teams.

Nessus Professional kaufen

Nessus® ist der umfassendste Schwachstellen-Scanner auf dem Markt. Nessus Professional unterstützt Sie bei der Automatisierung des Scan-Prozesses, spart Zeit in Ihren Compliance-Zyklen und ermöglicht Ihnen die Einbindung Ihres IT-Teams.

Mehrjahreslizenz kaufen und sparen

Kostenlos testen Jetzt kaufen

Tenable.io Web Application Scanning testen

60 TAGE KOSTENLOS

Profitieren Sie vom vollen Zugriff auf unser neuestes Angebot zum Scannen von Web-Applikationen, das als Teil der Tenable.io-Plattform für moderne Applikationen entwickelt wurde. Scannen Sie auf sichere Weise Ihr gesamtes Online-Portfolio auf Schwachstellen – mit hoher Genauigkeit und ohne großen manuellen Aufwand oder Unterbrechung kritischer Web-Applikationen. Melden Sie sich jetzt an.

Tenable.io Web Application Scanning kaufen

Wir bieten Ihnen vollen Zugriff auf eine moderne, cloudbasierte Schwachstellen-Management-Plattform, mit der Sie alle Ihre Assets mit beispielloser Genauigkeit sehen und nachverfolgen können. Erwerben Sie noch heute Ihre jährliche Subscription.

5 FQDN

$3,578.00

Jetzt kaufen

Kostenlos testen Vertrieb kontaktieren

Tenable.io Container Security testen

60 TAGE KOSTENLOS

Profitieren Sie von vollem Zugriff auf die einzige Lösung für Containersicherheit, die in eine Schwachstellen-Management-Plattform integriert ist. Überwachen Sie Container-Images auf Schwachstellen, Malware und Richtlinienverstöße. Integration mit Systemen für die kontinuierliche Integration und Bereitstellung (CI/CD) zur Unterstützung von DevOps-Praktiken, Stärkung der Sicherheit und Unterstützung der Einhaltung von Unternehmensrichtlinien.

Tenable.io Container Security kaufen

Tenable.io Container Security ermöglicht eine nahtlose und sichere Umsetzung von DevOps-Prozessen, indem es die Sicherheit von Container-Images – einschließlich Schwachstellen, Malware und Richtlinienverletzungen – durch Integration in den Build-Prozess transparent macht.

Erfahren Sie mehr über Industrial Security

Demo für Tenable.sc anfordern

Bitte tragen Sie Ihre Kontaktdaten in das Formular unten ein. Ein Vertriebsmitarbeiter wird Sie in Kürze kontaktieren, um einen Termin für die Demo zu vereinbaren.Sie können auch einen kurzen Kommentar mitschicken (begrenzt auf 255 Zeichen). Bitte beachten Sie, dass Felder mit einem Sternchen (*) Pflichtfelder sind.