Defend Against Threats to Automation System Infrastructure
Industrial control systems are undeniably becoming larger targets for hackers, bots, and malware. Given the stakes, protecting against these threat actors is critical to ensuring the continued reliability, availability, and performance of automation systems.
Industrial Defender's Protect solution delivers the capabilities of both the Monitor and Manage solutions, and bolsters your security program by delivering host intrusion prevention (HIPS). Using a whitelisting application, administrators of the HIPS manager define trusted applications for industrial endpoints, preventing the propagation of rogue applications and malware.
Extending beyond whitelisting, the Protect solution secures critical assets against memory exploits within approved applications, while providing centralized administration and reporting, and easing compliance with corporate IT requirements as well as external regulations (e.g., NERC CIP and CFATS).
Capabilities
Features & Benefits
Single unified view
- Single pane of glass allows data to be analyzed from a single location while collecting information from a disparate asset base, eliminating the time and complexity of logging into multiple systems
Event logging, correlation and archiving
- Automated collection and correlation immediately identifies events of interest across a heterogeneous asset base. Data is stored for future forensic analysis in case of a security breach
- Central component for complying with audits and regulators - prove what you are doing
Maintain central configuration policy
- A single point of reference for all assets allows users to manage system configuration changes within a controlled and auditable framework, ensuring corporate and regulatory compliance requirements are met
Manage hardened electronic security perimeter
- Track who is logging into the system, protecting against both malicious intruders and unauthorized users
User account change identification
- Provides audit capabilities for user access to match corporate compliance policies
Device configuration files archiving
- Allows configuration files to be backed up from multiple systems into a common repository for safe storage. Drastically reduces new device onboarding time in the production environment
Prevent rogue applications/malware
- Only authorized applications (the whitelist) are allowed to execute, preventing advanced threats that attempt to execute payloads and other malware
Block unauthorized applications
- By preventing unauthorized applications and memory processes, data and information are protected far beyond traditional antivirus solutions
Architecture