Representative End User Clients
Representative Automation Clients
Representative Software Clients
As the number of industrial security threats continues to rise, manufacturers are taking a closer look at risks to their environments. The new threat detection services from Rockwell Automation help manufacturers and industrial operators monitor, detect and respond to increasingly complex security threats.
Designed specifically for industrial networks, the new set of services map normal network behavior, and use Rockwell Automation monitoring services to detect and alert operators of irregularities and potential threats in real-time. Integrating industrial security software from providers who understand operational functions within industrial protocols can help secure and optimize the industrial control network while offering visibility across all levels of the OT environment. This means not only threat detection, but real-time monitoring and deep network insights across your assets.
The first step in successfully detecting threats is to be able to inventory your environment. The threat detection services take a product-agnostic approach to create a robust asset inventory across both IT and OT systems in an industrial operation. Diving deep into industrial network protocols, threat detection software maps all of the end user’s network assets and how they communicate with each other.
Once the entire environment is charted, the tool identifies normal operating procedures and creates a baseline. Any deviations from this baseline are annunciated in the form of context rich alerts. The alerts are integrated with Rockwell Automation monitoring services to help inform the response and recovery process. This process includes incident impact analysis, containment and eradication protocols.
The end user is alerted if a security threat is detected, and the predetermined response plan is enacted based on the criticality of the anomaly. This plan includes defined workflows that safely outline the recovery steps to be taken to return to a fully operational state.
The new set of services is built on top of threat detection software, created by Claroty, an Encompass Product Partner of the Rockwell Automation PartnerNetwork program.
Sid Snitkin, ARC Advisory Group, commented, “We are seeing security threats bypass network perimeters more easily. In general, if you can’t prevent a threat before it enters the perimeter, the next best thing is to detect when it gets inside and has the potential to affect operations.”
Keywords: Threat Detection Services, Industrial Networks, Incident Impact Analysis, ARC Advisory Group.