Establish Cyber-Resilient Operations
Digital transformation has heralded a new era in the energy sector, but it is also expanding the attack surface of insecure serial-connected ICS such as RTUs, PLCs, meters, relays, breakers, and many other cyber-physical devices. Increased connectivity combined with increasingly sophisticated cyber threat actors means utilities are now facing significant risks to the safety and availability of their critical operations. Rather than a ‘rip and replace’ approach, you can safely and securely monitor communications between your serial-connected devices and detect stealthy malicious cyber intrusions.
Securely Monitor Your Serial-Connected Industrial Control Systems
With the SerialGuard AnalytICS Platform you can now address these risks by bringing true visibility and real-time intrusion detection to level 0/1 serial-connected ICS. Combining a fully passive, real-time serial communications sensor with the power of a high-performance analytical and intrusion detection platform, the SerialGuard AnalytICS Platform enables you to securely monitor your high-risk assets and detect anomalies at speed.
Safeguarding Your Critical Operations at Levels 0/1
The SerialGuard AnalytICS Platform is a scalable level 0/1 network Intrusion Detection System that comprises two high-performance components:
- SerialGuard®: Fully passive and fail-safe serial packet sniffer that sits in-line between field controllers (level 1) and field devices (level 0) to securely capture real-time serial communications.
- AnalytICS Engine: SerialGuard’s supporting software that operates as an End Point Protection (EPP), End Point Detection and Response (EDR), Intrusion Detection System (IDS), and data validation tool. The software enables you to baseline normal operations and create rule-based alerts to support early detection of anomalous behavior.
Achieve Your Digital Transformation Goals Securely
Our scalable Platform acts as an all-in-one operational health monitor and serial network security solution that provides:
Zero-Trust Security
ICS Health Monitoring
- Level 0/1 Visibility & Monitoring: Directly monitors communications to and from field devices in real-time to improve situational awareness and help combat stealthy spoofing/false feedback attacks.
- Troubleshooting & Diagnostics: Helps quickly pinpoint operational faults to improve response times and ensure operational continuity.
- Intrusion Detection: Alerts on anomalies indicative of misconfigurations, unauthorized commands and malicious cyber attacks.
- Centralized Data Collection & Analysis: Centralizes serial data collection from multiple ICS devices and contextualizes the data for easy analysis.
- Integration with SIEMs: Seamlessly integrates with SIEMs for optimized visibility, enhanced event correlation, and effective SOAR execution.
- Reliable Operational Datasets: Builds serial datasets for advanced digital strategies such as Asset Performance Management (APM), Overall Equipment Effectiveness (OEE), and Predictive Maintenance.
Monitor Your Critical Assets and Processes Where It Matters Most
To adopt a successful ICS Defense-in-Depth strategy, you need to accurately monitor your serial-connected cyber-physical systems. With the SerialGuard AnalytICS Platform, you can securely achieve this with real-time monitoring and intrusion detection at the final phase of your cyber-physical processes.
The SerialGuard AnalytICS Platform in Action
Detecting Malicious Data and Advanced Attacks
(False Feedback Attacks & Other Malicious Data)
Serial Communications Asset and Configuration Change Management
Troubleshooting and Diagnostics
ICS Serial Network Attack Scenarios
Learn How Our Technology Works
SerialGuard®
- Serial packet sniffer for RS-232, RS-485 and RS-422 interfaces
- Securely captures ICS protocols such as MODBUS, DNP3, IEC-101, BACnet and more
- Provides full duplex serial communication monitoring
- Securely transfers serial data to AnalytICS Engine in encrypted TCP data packages
AnalytICS Engine
- Collects encrypted data on a separate subnetwork for secure examination of serial payloads
- Formulates metrics and visualizations of the assembled data into easy-to-read graphics
- Enables rule-based alerts for instant anomaly detection
- Integrates alerts and metrics with third-party SIEMs to streamline cybersecurity processes
Industry Integrations
The SerialGuard AnalytICS Platform can be deployed across all industry verticals that utilize legacy field devices, including many critical infrastructure sectors listed by the US Department of Homeland Security. Typical industry integrations include:
- Electrical power generation, distribution, and transmission facilities
- Refineries and other oil-and-gas production facilities
- Water infrastructure and gas transmission infrastructure
- Maritime Transportation Systems (MTS)
- Nuclear reactors, materials, and waste sectors
- Railway and mass rapid transit systems
- Chemical production plants
- Industrial and manufacturing plants