The SerialGuard® sensor lets you monitor your most critical legacy assets at the lowest level for superior data integrity and visibility
Designed for Industrial Control Systems, SerialGuard® is a high-performance, fully passive, serial packet sniffer that enables secure visibility within vulnerable legacy networks. The fail-safe sensor passively monitors Level 0 and Level 1 serial communications between field devices and controllers and with the Cynalytica AnalytICS Engine Platform can reveal and help alert traffic anomalies that are indicative of a cyber-attack, physical-attack, or system misconfiguration.
The SerialGuard sensor:
- Collects serial communications data completely passively – physically unable to write to line
- Maintains serial communications in event of loss of power to sensor – Fail-Safe Operation
- Supports Protocol Agnostic RS-232 and RS-485/422
- Sends Encrypted Data to AnalytICS Engine
The Cynalytica AnalytICS Platform in Action
Detecting Malicious Data and Advanced Attacks
(False Feedback Attacks & Other Malicious Data)
Serial Communications Asset and Configuration Change Management
Troubleshooting and Diagnostics
Nozomi Networks & Cynalytica Solutions Brief
ICS Serial Network Attack Scenarios
Download the SerialGuard AnalytICS Platform
Value Proposition
Enables ICS Operators to Detect Modern Cyberattack Techniques
SerialGuard® installs in-line between field devices and controllers, enabling ICS operators to detect modern and commonly employed cyberattack techniques:
- Man-in-the-Middle Attacks: Captures interceptions and alterations of serial communications between field devices and controllers which go otherwise undetected
- Unauthorized Commands: Captures messages that instruct field devices to perform outside their expected functionality
- Reconnaissance: Enables operators to detect suspicious probes through the captured data packages
- Insider Threats: Captures all communications between field devices and controllers, enabling operators to detect unauthorized commands by malicious insiders
Industry Integrations
SerialGuard® can be deployed across all industry verticals that utilize legacy field devices, including many critical infrastructure sectors listed by the US Department of Homeland Security. Typical industry integrations include:
- Electrical power generation, distribution, and transmission facilities
- Refineries and other oil-and-gas production facilities
- Water infrastructure and gas transmission infrastructure
- Maritime Transportation Systems (MTS)
- Nuclear reactors, materials, and waste sectors
- Railway and mass rapid transit systems
- Chemical production plants
- Industrial and manufacturing plants