SerialGuardTM lets you monitor your most critical legacy assets at the lowest level for superior data integrity and visibility
Designed for Industrial Control Systems, SerialGuardTM is a high-performance, fully passive, serial packet sniffer that enables secure visibility within vulnerable legacy networks. The fail-safe sensor passively monitors Level 0 and Level 1 serial communications between field devices and controllers and with the Cynalytica AnalytICS Engine Platform can reveal and help alert traffic anomalies that are indicative of a cyber-attack, physical-attack, or system misconfiguration.
The SerialGuard sensor:
- Collects serial communications data completely passively – physically unable to write to line
- Maintains serial communications in event of loss of power to sensor – Fail-Safe Operation
- Supports Protocol Agnostic RS-232 and RS-485/422
- Sends Encrypted Data to AnalytICS Engine
The SerialGuard AnalytICS Platform in Action
Detecting Malicious Data and Advanced Attacks
(False Feedback Attacks & Other Malicious Data)
Serial Communications Asset and Configuration Change Management
Troubleshooting and Diagnostics
ICS Serial Network Attack Scenarios
Download the SerialGuard AnalytICS Platform
Value Proposition
SerialGuard AnalytICS Platform Enterprise Starter Kit
Enjoy a fast track route to securing your legacy ICS
We understand the challenges of aligning OT security and digital transformation projects – and we are here to help you.
Our Starter Kit offers you a fast track option to kick-start securing your legacy ICS while providing you with the technical support that delivers results today!
What you get with the Enterprise Starter Kit
- 3 SerialGuard Sensors
- 1-year AnalytICS Engine License for up to 5 SerialGuard Sensors
- Implementation Support & Applications Updates
Order Inquiry
Download the SerialGuard Product Sheet
Enables ICS Operators to Detect Modern Cyberattack Techniques
SerialGuardTM installs in-line between field devices and controllers, enabling ICS operators to detect modern and commonly employed cyberattack techniques:
- Man-in-the-Middle Attacks: Captures interceptions and alterations of serial communications between field devices and controllers which go otherwise undetected
- Unauthorized Commands: Captures messages that instruct field devices to perform outside their expected functionality
- Reconnaissance: Enables operators to detect suspicious probes through the captured data packages
- Insider Threats: Captures all communications between field devices and controllers, enabling operators to detect unauthorized commands by malicious insiders
Industry Integrations
SerialGuardTM can be deployed across all industry verticals that utilize legacy field devices, including many critical infrastructure sectors listed by the US Department of Homeland Security. Typical industry integrations include:
- Electrical power generation, distribution, and transmission facilities
- Refineries and other oil-and-gas production facilities
- Water infrastructure and gas transmission infrastructure
- Nuclear reactors, materials, and waste sectors
- Railway and mass rapid transit systems
- Chemical production plants
- Industrial and manufacturing plants
Key Features & Benefits
| FEATURES | BENEFITS |
|---|---|
| Passive | Cannot write to the serial line; therefore, it will not introduce a new attack vector to the OT Network. |
| Fail-Safe | Will not disrupt operations or flow of serial communications in the unlikely event of power failure. |
| Supports RS-232/485/422 | Can be integrated with a significant number of industrial control systems. |
| Full/Half Duplex Serial Monitoring | Can support monitoring of both RX/TX channels. |
| Protocol Agnostic Support for Various Legacy Serial Networks | Accurately frames all the bytes into messages even if the serial protocol of captured data is unknown. |
| Deep Packet Inspection | MODBUS, DNP3, IEC-101 and more. |
| Real-Time Operating System | Guarantees the accurate capture of every byte with nanosecond resolution. |
| Encapsulates serial data in encrypted TCP data packets* | Secures data packages before forwarding them to Cynalytica’s AnalytICS Engine or third party network security tools in order to ensure data integrity. |
| Power over Ethernet or 24V | Powered by ICS standard power supply options. Has minimal electrical wiring and low power consumption. |
| LED indicators | Illustrates the rate of the serial data flowing through the device. Also facilitates quick troubleshooting. |
| DIN-Rail Mounting bracket | Easily mounted on a DIN-Rail – an apparatus typically found on industrial controllers. |
| Quick Installation | Can be installed within minutes. |
| Graphical User Interface | Enables simple setup and monitoring. |
| Manufactured in the USA | Built in our ISO9001:2015 and AS9100D certified factory in the United States using J-STD-001 and IPC-A-610 standards. |
*SerialGuard can be configured to send unencrypted TCP data packets if required