SerialGuard® Sensor

Designed for Industrial Control Systems, SerialGuard^® is a high-performance, fully passive, serial packet sniffer that enables secure visibility within vulnerable legacy networks. The fail-safe sensor passively monitors Level 0 and Level 1 serial communications between field devices and controllers and with the Cynalytica AnalytICS Engine Platform can reveal and help alert traffic anomalies that are indicative of a cyber-attack, physical-attack, or system misconfiguration.

The SerialGuard sensor:

• Collects serial communications data completely passively – physically unable to write to line
• Maintains serial communications in event of loss of power to sensor – Fail-Safe Operation
• Supports Protocol Agnostic RS-232 and RS-485/422
• Sends Encrypted Data to AnalytICS Engine

Nozomi Networks & Cynalytica Solutions Brief

SerialGuard^® installs in-line between field devices and controllers, enabling ICS operators to detect modern and commonly employed cyberattack techniques:

• Man-in-the-Middle Attacks: Captures interceptions and alterations of serial communications between field devices and controllers which go otherwise undetected
• Unauthorized Commands: Captures messages that instruct field devices to perform outside their expected functionality
• Reconnaissance: Enables operators to detect suspicious probes through the captured data packages
• Insider Threats: Captures all communications between field devices and controllers, enabling operators to detect unauthorized commands by malicious insiders