Monitoring as OT cybersecurity strategy
Monitoring forms a crucial part of any Operation Technology (OT) cybersecurity strategy. Paessler PRTG monitoring software can help make your industrial infrastructure more secure.
It’s no longer recommended to isolate OT environments from the outside world as a security strategy. IT/OT convergence, the need to allow equipment vendors remote access support, and the need to collect, analyze and store sensor data from IIoT applications all require industrial networks to be connected to external systems or devices. And that means: They are vulnerable to attack.
Anomaly detection
Sudden spikes in bandwidth usage. Unusual traffic. Unexpected new connections. These are just some examples of typical anomalies – or deviations from the norm – that could possibly indicate malicious activity in a network.
How PRTG can help
You can first use PRTG to understand what is “normal” in your network. And then you can define alerts and notifications that are triggered when defined thresholds are exceeded, thus alerting you to anomalies and potentially suspicious activity in your network.
Defense in depth
Several segmented layers of defense can help to keep the core OT network safe. Industrial firewalls commonly provide a layer. Network segmentation, where the OT network is either vertically segmented (separated from the IT network by an industrial demilitarized zone) or horizontally segmented (the OT network is separated into several zones) are also defense-in-depth strategies.
How PRTG can help
Monitoring can form a critical part of a defense-in-depth approach by watching over the industrial firewalls, the interfaces between segments, and other potential risks like open ports.
IPS and IDS
Industrial Intrusion Prevention Systems (IPS) and Industrial Intrusion Detection Systems (IDS) are both deep packet inspection methods used to keep OT networks safe. These systems either prevent an intrusion or trigger a notification when anomalous data is discovered, depending on the system in use.
How PRTG can help
PRTG can be used alongside IPS and IDS solutions to provide a full picture of what’s happening in the OT network.
OPC UA monitoring
OPC UA is a common standard in industrial environments, and checking for unusual OPC UA activity in a network is a good way of spotting a cyber attack. Additionally, OPC UA employs certificate-based X.509 encryption, and the certificates should be constantly monitored to ensure their validity.
How PRTG can help
PRTG can check for unusually large numbers of rejected OPC UA calls or sessions in a network, which might indicate malicious activity. Furthermore, PRTG monitors OPC UA certificates throughout the OT environment to ensure that they are always valid, thus preventing downtime or lapses of security caused by their expiry.
Monitoring industrial firewalls
When it comes to security in any network, firewalls are key, and it’s no different for Operation Technology (OT) networks. Here’s how Paessler PRTG helps you keep your firewalls safe:
- Monitors the status of the firewall
- Monitors incoming and outgoing traffic
- Triggers automatic alerts in the case of issues
- Is compatible with countless manufacturers
- Has native sensors for devices from Fortigate, Cisco and more
It’s not just cybersecurity, but physical security as well
Security is important in an industrial environment – not only to prevent access by intruders,
but also to prevent hazards, such as fires and water damage.
CCTV system monitoring
IP camera systems consist of multiple components: cameras, video recorders, memory systems, power supplies, and network and data transmission systems. Paessler PRTG continuously monitors the availability and performance of all these components.
Data from IoT sensors
IoT sensors are commonly used to monitor environmental conditions on the factory floor, such as temperature, humidity, vibration levels, voltage and more, as well as access to doors or windows. Using SNMP, MQTT and other mechanisms, PRTG can retrieve data from the sensors and also monitor their health.
PRTG in an industrial environment
PRTG is monitoring software that brings in elements from all areas, so you can monitor the health, status and condition of machines, control systems, devices, and more across IT, OT and the IIoT:
- Out-of-the-box support for common industrial and IIoT standards and protocols – OPC UA, MQTT, Modbus, and more
- Visualize your environment in dashboards that include IT, OT, and IIoT elements
- Get data from industrial gateways about the factory floor and IIoT
- Monitor industrial ethernet devices in your OT environment
- Extend the functionality of common industry solutions to provide expanded functionality
- Get alerts and notifications when values exceed predefined thresholds
More about Paessler PRTG and industrial security on our blog
“Easy to implement and configure with good technical support.”
R. v. S., ICT Manager at Heinen & Hopman Eng BV
Get your free white papers
White paper I
In modern industrial IT, the right teams need the right data. Our guide shows how to implement holistic monitoring that brings elements from IT, OT and IIoT into your dashboards.
White paper II
Our second guide gives you inspiration and ideas for dashboards that feature IT, OT and IIoT data – all in one place. We show you what truly convergent industrial dashboards look like!