The Industrial Defender product stack includes:
ASM: 2U platform specifically designed and built for industrial control systems to ensure the safe and reliable automation of monitoring and managing your control system.
ASA: 1U appliance continually collects information directly from local devices, correlates the information, and routes events and asset configuration data to the ASM for analysis, management, and reporting.
NIDS: 1U appliance monitor all network traffic within the control network security perimeter, enabling detection of various types of suspicious activity. Monitor industry standard protocols and generate alerts that are sent to the ASM for logging and diagnosis.
Although a strong perimeter defense is vital to securing the control network, studies show that up to 70% of attacks are internally initiated and non-malicious in intent. Common non-malicious threats may include an infected USB drive or an infected laptop from a contractor connecting to the control system. Typically these types of security issues appear to be performance problems that are not easily diagnosed using control systems tools.
Industrial Defender NIDS includes over 20,000 signatures including industrial control system protocols such as Modbus, Profibus, ICCP, and DNP3 that are regularly updated. Network intrusion detection monitoring defends against internal and external compromise by detecting unauthorized traffic from any source within your network perimeter.
Legacy and next generation control systems need to be monitored for self-replicating attacks as well as remote compromise of networks. Leidos creates specific industrial rules deployed on our Industrial Defender NIDS sensors to monitor malicious and abnormal activity.
Our network intrusion detection system protects control system-specific data including firmware, configuration databases, display files, topology diagrams, historian data, and process tag data from the increasing threat of intellectual property theft to maintain long term system reliability. Industrial Defender NIDS monitors network traffic for abnormal communication and broadcasts, enabling identification and remediation of latent performance issues.
Industrial control systems security, compliance and operation requirements can span sites that have few assets to plants with thousands of assets. Sites with reliable network connectivity benefit from the Industrial Defender ASM-VM option which provides organizations a more cost effective solution for sites with fewer assets. All of the features and functions of a standard Industrial Defender ASM system are available via the ASM-VM option.
Cyber Kill Chain® and Intelligence Driven Defense® are registered trademarks of Lockheed Martin.