Improve Your Operational Health and Cybersecurity Posture
Features and Benefits
Passive Monitoring: AnalytICS Engine is a passive monitoring solution, meaning it does not send any data packets to the ICS/SCADA network. Because it does not interfere with the operation of the network, the network continues to operate normally.
Secure Communication: AnalytICS Engine uses secure communication protocols to ensure that data is transmitted securely from the ICS/SCADA network to the monitoring platform. This eliminates the risk of cyberattacks and ensures that sensitive data is kept secure.
Comprehensive Monitoring: AnalytICS Engine can capture analog, serial, and IP ICS/SCADA communications. This means that it can capture all communications on the network, giving you a complete picture of what is happening there.
Easy Integration: AnalytICS Engine can easily integrate with third-party SIEM and SOAR platforms. This means that you can use your existing monitoring infrastructure and tools to analyze the data captured by AnalytICS Engine.
Real-time Alerting: AnalytICS Engine can send real-time alerts to your security team when it detects anomalous activity on the ICS/SCADA network. This enables your team to respond quickly to potential cyber threats.
Our customers include:
U.S. Department of Defense (DoD), U.S. Department of Energy (DOE) and U.S. Department of Homeland Security (DHS).
Operational Health Monitoring
The Cynalytica AnalytICS Platform monitors legacy ICS communications to enable you to:
✅ Prevent legacy ICS downtime
✅ Detect operational irregularities early
✅ Reduce time to conduct troubleshooting and diagnostics
✅ Reduce capital outlays & avoid equipment overhauls
Legacy ICS Intrusion Detection
The Cynalytica AnalytICS Platform monitors industrial physical processes to enable you to:
✅ Detect unauthorized commands & false feedback attacks
✅ Detect attacks to avoid asset damage & loss of life
✅ Reduce time to solve cyber-physical incidents
✅ Improve cybersecurity compliance posture
Download the SerialGuard AnalytICS Platform
Value Proposition
ICS Operational Health Monitoring
Passively monitor and analyze legacy serial device activity in real-time with SerialGuard AnalytICS Platform’s high-performance graphical user interface (GUI).
Quickly identify operational irregularities and ensure optimum performance from your legacy assets with easy-to-use baselining and alerts functionalities.
Maintain network efficiency through remote troubleshooting & diagnostics of your legacy devices.
Monitor multiple serial ports from a centralized location at enterprise-scale.
Validate serial communication data to maximize interoperability within your OT network.
Seamlessly integrate data with your organization’s enterprise management system and other data analysis tools.
Cyber Intrusion Detection at Level 0-1
Passively tap Level 0/1 ICS communications and monitor your legacy assets at enterprise-scale without introducing an additional attack vector to your critical devices.
Quickly detect interceptions and alterations of serial communications between field devices and controllers through baselining and rule-based alerts.
Securely log ICS protocols such as MODBUS, DNP3, IEC-101, BACnet MS/TP and more to enhance your industrial cybersecurity posture.
Get true visibility into your ICS physical processes and establish a cost-effective last line of defense against cyber-physical attacks.
Stomp out noise with custom rulesets to flag operational anomalies on individual devices or across the network.
Seamlessly integrate alerts and metrics with third-party SIEMs.
The Cynalytica AnalytICS Platform in Action
Detecting Malicious Data and Advanced Attacks
(False Feedback Attacks & Other Malicious Data)
Serial Communications Asset and Configuration Change Management
Troubleshooting and Diagnostics
Nozomi Networks & Cynalytica Solutions Brief
ICS Serial Network Attack Scenarios
Learn How Our Technology Works
OTNetGuard™
- All-new modular data capture platform to support a wide range of OT network communications – analog signals, serial communications, and TCP/IP network traffic
- Additional capture backhaul options – SFP and Wi-Fi or Cellular
- Increased storage capacity and CPU speed
SerialGuard®
- Serial packet sniffer for RS-232, RS-485 and RS-422 interfaces
- Securely captures ICS protocols such as MODBUS, DNP3, IEC-101, BACnet and more
- Provides full duplex serial communication monitoring
- Securely transfers serial data to AnalytICS Engine in encrypted TCP data packages
AnalytICS Engine
- Collects encrypted data on a separate subnetwork for secure examination of serial payloads
- Formulates metrics and visualizations of the assembled data into easy-to-read graphics
- Enables rule-based alerts for instant anomaly detection
- Integrates alerts and metrics with third-party SIEMs to streamline cybersecurity processes
Industry Integrations
Cynalytica AnalytICS Platform can be deployed across all industry verticals that utilize legacy field devices, including many critical infrastructure sectors listed by the US Department of Homeland Security. Typical industry integrations include:
- Electrical power generation, distribution, and transmission facilities
- Refineries and other oil-and-gas production facilities
- Water infrastructure and gas transmission infrastructure
- Maritime Transportation Systems (MTS)
- Nuclear reactors, materials, and waste sectors
- Railway and mass rapid transit systems
- Chemical production plants
- Industrial and manufacturing plants