cybersecurity monitoring for pcs7 - securenok.com · monitoring for pcs7 about secure-nok™ as...
TRANSCRIPT
SNOK™ Cybersecurity Monitoring for PCS7
About Secure-NOK™ AS Secure-NOK™ is a cybersecurity specialistcompany for OT. We provide solutions that detect cyber-attacks such as espionage, sabotage, malware and other harmful cybersecurity events in industrial installations.
Secure-NOK™ is comprised of an international team with extensive experience in controls and automation systems cybersecurity.
Secure-NOK™ ASGrønnegata 142 2317, Hamar, Norway
[email protected] securenok.com
Real time monitoring, enables immediate response.
About Pigler Automation, LLCPigler Automation provides Excellence inProcess Automation in order to ensure the technical and financial success of Process Automation Projects.
We are a Siemens Solution Partner with extensive experience in PCS7 and TIA Portal applications and have partnered with SecureNOK to offer our customers cyber security support for their OT installations.
Pigler Automation, LLC 724 Main Street, Suite F Longmont, CO 80501, USA
Providing Excellence in Process Automation.
© 2018, Secure-NOK™. All rights reserved.The information contained herein is the intellectual property of Secure-NOK™.
Siemens SIMATIC PCS 7 is the distributed control system (DCS) for integrated automation. Much more than a traditional DCS, SIMATIC PCS 7 combines a unique scalable architecture with powerful engineering tools and a wide variety of additional functions such as alarm management, process safety and asset management, all of which can be integrated seamlessly into your existing environment. SIMATIC PCS 7 has everything you need to completely and safely automate your entire production process, from goods receipt to goods issue, in both manufacturing and process plants.
Bundled with the SNOK™ AS Threat Detection, Pigler Automation together with Secure-NOK offer an integrated cybersecurity monitoring solution with your PCS 7 installation. SNOK™ continuously monitors the Automation System (AS) for abnormal behavior, configuration changes and re-programming. We install the solution either as an appliance in the PCS 7 network or as a Virtual Machine on available hardware in the network. As system owner you get:
• Automated analysis determining cyber-criticality of AS events
• Visibility to current configuration andconfiguration changes
• Bringing visibility of the AS environment to ITCybersecurity personnel
Combined with other products in the SNOK™ Cybersecurity Monitoring System family, the environment surrounding the AS can be monitored as well, reducing blind spots in the infrastructure and detecting abnormal attempts to contact and communicate with an AS. Examples of alerts produced:
• New process detected on endpoints
• New IP-address communicating in thenetwork
• USB inserted into device
Early attack detection – SNOK™ will detect attacks at an early stage because it monitors your blind spots for subtle traces of attacks.
Beyond signatures – More than 50% of attacks are non-malware related – these are not detectable using traditional signature detection. SNOK™ uses anomaly detection and will detect all types of malware and non-malware intrusions.
SNOK™ is Built for Industry – Non-intrusive: SNOK™ does not disturb the industrial process. No maintenance required: SNOK™ knows the fundamentals of a cyberattack. Once installed it needs no signature updates or similar to keep detecting new attacks.
Tiny footprint: Computing and storage resources are often scarce in industrial settings. SNOK™ uses
minimal resources on the industrial infrastructure.
Backwards compatible: SNOK™ can be used to monitor legacy equipment such as unsupported Windows and Linux endpoints.
Quick and easy to install: SNOK™has a simple installation process and requires only a short learning period to train the system.
SNOK™ Keeping an eye on your Automation System
SNOK™ is the easy-to-use, state-of-the-art tool for monitoring, detection, and early warning of cybersecurity events in industrial control systems.
Example topology of a PCS 7 system withintegrated SNOK™ Cybersecurity Monitoring.
The SNOK™ solution monitors the security status of your PCS 7 AS.
Siemens SIMATIC PCS 7 is the distributed control system (DCS) for integrated automation. Much more than a traditional DCS, SIMATIC PCS 7 combines a unique scalable architecture with powerful engineering tools and a wide variety of additional functions such as alarm management, process safety and asset management, all of which can beintegrated seamlessly into your existing environment.SIMATIC PCS 7 has everything you need to completely and safely automate your entire production process, from goods receipt to goods issue, in both manufacturing and process plants.
Bundled with the SNOK™ AS Threat Detection, Pigler Automation together with Secure-NOK offer an integrated cybersecurity monitoring solution with your PCS 7 installation. SNOK™ continuously monitors the Automation System (AS) for abnormal behavior, configuration changes and re-programming. We install the solution either as an appliance in the PCS 7 network or as a Virtual Machine on available hardware in the network. As system owner you get:
• Automated analysis determining cyber-criticality of AS events
• Visibility to current configuration and configuration changes
• Bringing visibility of the AS environment to IT Cybersecurity personnel
Combined with other products in the SNOK™Cybersecurity Monitoring System family, the environment surrounding the AS can be monitored as well, reducing blind spots in the infrastructure and detecting abnormal attempts to contact and communicate with an AS. Examples of alerts produced:
• New process detected on endpoints
• New IP-address communicating in the network
• USB inserted into device
Early attack detection – SNOK™ will detect attacks at an early stage because it monitors your blind spots for subtle traces of attacks.
Beyond signatures – More than 50% of attacks are non-malware related – these are not detectable using traditional signature detection. SNOK™ uses anomaly detection and will detect all types of malware and non-malware intrusions.
SNOK™ is Built for Industry – Non-intrusive: SNOK™ does not disturb the industrial process. No maintenance required: SNOK™ knows the fundamentals of a cyberattack. Once installed it needs no signature updates or similar to keep detecting new attacks.
Tiny footprint: Computing and storage resources are often scarce in industrial settings. SNOK™ uses
minimal resources on the industrial infrastructure.
Backwards compatible: SNOK™ can be used to monitor legacy equipment such as unsupported Windows and Linux endpoints.
Quick and easy to install: SNOK™ has a simple installation process and requires only a short learning period to train the system.
SNOK™ Keeping an eye on your Automation System
SNOK™ is the easy-to-use, state-of-the-art tool for monitoring, detection, and early warning of cybersecurity events in industrial control systems.
Example topology of a PCS 7 system with integrated SNOK™ Cybersecurity Monitoring.
The SNOK™ solution monitors the securitystatus of your PCS 7 AS.
SNOK™ Cybersecurity Monitoring for PCS7
About Secure-NOK™ AS Secure-NOK™ is a cybersecurity specialist company for OT. We provide solutions that detect cyber-attacks such as espionage, sabotage, malware and other harmful cybersecurity events in industrial installations.
Secure-NOK™ is comprised of an international team with extensive experience in controls and automation systems cybersecurity.
Secure-NOK™ AS Grønnegata 142 2317, Hamar, Norway
[email protected] securenok.com
Real time monitoring, enables immediate response.
About Pigler Automation, LLC Pigler Automation provides Excellence in Process Automation in order to ensure the technical and financial success of Process Automation Projects.
We are a Siemens Solution Partner with extensive experience in PCS7 and TIA Portal applications and have partnered with SecureNOK to offer our customers cyber security support for their OT installations.
Pigler Automation, LLC 724 Main Street, Suite F Longmont, CO 80501, USA
[email protected] piglerautomation.com
Providing Excellence in Process Automation.
© 2018, Secure-NOK™. All rights reserved. The information contained herein is the intellectual property of Secure-NOK™.