Positive Technologies releases PT ISIM freeView Sensor free ICS monitoring solution | Automation.com

Positive Technologies releases PT ISIM freeView Sensor free ICS monitoring solution

Positive Technologies releases PT ISIM freeView Sensor free ICS monitoring solution

November 9, 2018 -- PT Industrial Security Incident Manager, the line of products for industrial control system (ICS) security from Positive Technologies, now includes a streamlined version: PT ISIM freeView Sensor. Intended for basic ICS security monitoring, this version is free of charge and easy to configure. No special technical knowledge is needed. Downloading and getting started with PT ISIM freeView Sensor takes minutes.

PT ISIM freeView Sensor, provided as a virtual appliance (virtual machine), connects to the mirror/SPAN port of a router on the ICS network. The virtual appliance accesses a copy of ICS traffic (supported protocols include CIP, IEC-104, MMS, Modbus TCP, OPC DA, Profinet DCP, S7, Spabus, ARP, DHCP, DNS, FTP, HTTP, ICMP, SNMP, SSH, Telnet, and TFTP). Since it handles only a copy of traffic, PT ISIM freeView Sensor does not have any impact on ICS performance or operations.

Companies can take back control of their ICS networks with consistent use of PT ISIM freeView Sensor. Features include:

  • Taking inventory of ICS network assets – visualization of network topology with hosts, connections, and groups of hosts
  • Monitoring ICS data flows – full picture of normal host interactions thanks to learning mode, which helps to subsequently detect anomalous behavior and flag incidents
  • Detecting attacks and unauthorized system administration

In addition to performing basic security tasks, PT ISIM freeView Sensor helps users gain the experience needed to get the most out of premium versions of PT Industrial Security Incident Manager. Premium versions come with full technical support, more supported protocols, and support for third-party integration (such as industry-specific systems). Other features of premium versions: intelligent site-aware parsing of traffic, any-time mimic visualization of network assets, site-specific detection scenarios, provision of incident information to an ICS SOC, and enhanced regulatory compliance.

Premium versions of PT Industrial Security Incident Manager come with PT Industrial Security Threat Indicators (PT ISTI). Even without additional configuration, this combination can detect up to 80 percent of the most dangerous and important threats facing ICS networks. These threats include: early-stage attacks and related preparations against ICS software and hardware, misconfiguration, abnormal parameter values, use of potentially insecure networking methods, and unauthorized ICS administration commands. PT ISTI helps to proactively detect ICS network vulnerabilities, including those exploited by ransomware and other malware.

Did you Enjoy this Article?

Check out our free e-newsletters
to read more great articles.

Subscribe Now