Establish Cyber-Resilient Operations
Digital transformation has heralded a new era for Maritime Transportation Systems (MTS), but it is also expanding the attack surface of insecure serial-connected devices such as NMEA 0183-connected electronics and many other legacy OT network devices. Increased connectivity, combined with increasingly sophisticated cyber threat actors, means MTS now face significant risks to the safety and availability of their critical devices and operations. Rather than a ‘rip and replace’ approach, you can now safely and securely monitor communications between your serial-connected devices and detect stealthy malicious cyber intrusions.
Securely Monitor Your Serial-Connected Industrial Control Systems
With the SerialGuard AnalytICS Platform you can easily mitigate cyber risks by simultaneously bringing true visibility and real-time intrusion detection to your NMEA 0183-connected devices and other serial-connected OT devices. Combining a fully passive, real-time serial communications sensor with the power of a high-performance analytical and intrusion detection system, the SerialGuard AnalytICS Platform enables you to securely monitor your high-risk assets and detect anomalies at speed.
Safeguarding Your OT Network and NMEA-Connected Devices
The SerialGuard AnalytICS Platform is a scalable serial network Intrusion Detection System that comprises two high-performance components:
- SerialGuard® Sensor: Fully passive and fail-safe serial packet sniffer that sits in-line between serial-connected devices to securely capture real-time serial communications.
- AnalytICS Engine: SerialGuard’s supporting software that operates as an End Point Protection (EPP), End Point Detection and Response (EDR), Intrusion Detection System (IDS), and data validation tool. The software enables you to baseline normal operations and create rule-based alerts to support early detection of anomalous behavior.
Achieve Your Digital Transformation Goals Securely
The SerialGuard AnalytICS Platform acts as an all-in-one operational health monitor and serial network security solution that provides:
Zero-Trust Security
- Visibility & Monitoring: Directly monitors communications to and from serial-connected devices in real time to improve situational awareness and help combat stealthy spoofing/false feedback attacks.
- Intrusion Detection: Alerts on anomalies indicative of misconfigurations, unauthorized commands and malicious cyber attacks.
- Integration with SIEMs: Seamlessly integrates with SIEMs for optimized visibility, enhanced event correlation, and effective SOAR execution.
ICS Health Monitoring
- Troubleshooting & Diagnostics: Helps quickly pinpoint operational faults to improve response times and ensure operational continuity.
- Centralized Data Collection & Analysis: Centralizes serial data collection from multiple ICS devices and contextualizes the data for easy analysis.
- Reliable Operational Datasets: Builds serial datasets for advanced digital strategies such as Asset Performance Management (APM), Overall Equipment Effectiveness (OEE), and Predictive Maintenance.
Monitor Your Critical Assets and Processes Where It Matters Most
To adopt a successful ICS Defense-in-Depth strategy, you need to accurately monitor your serial-connected cyber-physical systems and marine electronics. With the SerialGuard AnalytICS Platform, you can securely achieve this with real-time monitoring and intrusion detection of your onboard and onshore serial communications.
Onboard Topology
Onshore Topology
The SerialGuard AnalytICS Platform in Action
Detecting Malicious Data and Advanced Attacks (False Feedback Attacks & Other Malicious Data)
Serial Communications Asset and Configuration Change Management
Troubleshooting and Diagnostics
ICS Serial Network Attack Scenarios
Learn How Our Technology Works
SerialGuard®
- Serial packet sniffer for RS-232, RS-485 and RS-422 interfaces
- Securely captures ICS protocols such as NMEA 0183, MODBUS, DNP3, IEC-101, BACnet and more
- Provides full duplex serial communication monitoring
- Securely transfers serial data to AnalytICS Engine in encrypted TCP data packages
AnalytICS Engine
- Collects encrypted data on a separate subnetwork for secure examination of serial payloads
- Formulates metrics and visualizations of the assembled data into easy-to-read graphics
- Enables rule-based alerts for instant anomaly detection
- Integrates alerts and metrics with third-party SIEMs to streamline cybersecurity processes
Industry Integrations
SerialGuard AnalytICS Platform can be deployed across all industry verticals that utilize legacy field devices, including many critical infrastructure sectors listed by the US Department of Homeland Security. Typical industry integrations include:
- Electrical power generation, distribution, and transmission facilities
- Refineries and other oil-and-gas production facilities
- Water infrastructure and gas transmission infrastructure
- Maritime Transportation Systems (MTS)
- Nuclear reactors, materials, and waste sectors
- Railway and mass rapid transit systems
- Chemical production plants
- Industrial and manufacturing plants