As industrial corporations migrate towards Industry 4.0 technologies, their production infrastructures are increasingly exposed to cyber threats. Whether it’s a production line, a power station, an oil platform or a water, gas or electricity distribution network, automation systems are connected to IP networks. Contractors have remote access. Windows computers are widely used to run processes. Cybersecurity is a growing concern for control engineers.
Protecting industrial assets such as controllers, stations, servers, I/O modules and sensors requires two very different sets of skills and technologies. You need a perfect understanding of the industrial process to detect malicious behaviors such as the unwanted change of a controller’s parameter or an illegitimate stop order to a robot. You also need IT security platforms to filter network flows, enforce security rules and block attacks.
Empowering OT Staff While Automating Incident Response With IT Tools & Processes
Palo Alto Networks and Sentryo are now working together to secure industrial networks. Sentryo’s ICS CyberVision gives OT engineers comprehensive visibility into the production network and helps them detect anomalies through a machine learning algorithm that cuts down on false alarms. It works together with Palo Alto Networks’ Next-Generation Firewalls to enforce IT security strategies and prevent cyber-attacks by blocking known threats to both IT and OT, including ICS-specific exploits, malware, and associated command and control (C2) traffic.
This integration enables ICS CyberVision to populate the Palo Alto Networks Dynamic Address Group with its classification of industrial assets. IT security managers can now create security rules that are relevant to OT systems. And ICS CyberVision can trigger those rules when it detects an anomaly on the OT network. The production infrastructure is then automatically put into a “protective bubble” until alarms can be reviewed.
Palo Alto Networks and Sentryo are bringing the ideal combination of OT and IT security technologies so control engineers and IT security leaders can work together to protect the company’s industrial infrastructure. That combination means understanding the industrial process to detect real anomalies, giving IT experts visibility on the OT assets so they can build security policies, and integrating Sentryo’s ICS CyberVision and Palo Alto Networks NGFW to automate OT threat detection and response. This is available now.