OT/ICS Asset Inventory Management and Discovery

The first step to securing your operational technology (OT) and determining the overall risk level begins with identifying which devices are present in your network. Security regulations for critical systems, such as the EU NIS directive and NERC-CIP, require an asset inventory as a base for risk management. Establishing this inventory and keeping it up to date can be a lot of work.

StationGuard automatically discovers all assets in the network, creates a global asset inventory database, and alerts you on new assets in your networks. It collects accurate information for each asset by combining network analysis with imported SCL engineering files and spreadsheets. The asset inventory can be updated by importing information from external sources.

An asset inventory database with precise details about each protection and control IED is crucial to successful vulnerability and risk management. The more information you have about each asset, the more accurate your vulnerability analysis and prioritization will be. StationGuard and its central management system GridOps support you in the whole workflow from creating and updating the asset inventory to vulnerability and risk management.

Did you know: All our cybersecurity solutions can be found on brand-new website. Explore our products and solutions now: omicroncybersecurity.com

Take a look

Expert recommends

StationGuard Solution

Our IDS StationGuard and its central management system GridOps work perfectly together: while GridOps provides the management interface for StationGuard’s sensors across the grid, StationGuard collects all the data and analyzes it.

Our Products

StationGuard allows robust asset inventory management with comprehensive and rich data per asset. This inventory can be filtered, searched, exported, and integrated into 3rd-party systems. By documenting all connections as well as protocols and applications in use, StationGuard aids in the assessment of the entire system.

GridOps is a component of StationGuard that provides additional management and features, such as grid-level asset inventory, alert dashboard, sensor management, centralized user management, vulnerability management, and reporting.

 

StationGuard

Certified risk management and security assessment

Read more
GridOps
Central Management System for StationGuard
Read more
Request info

Automatically collect detailed information about your assets

 

 

Passive network traffic analysis allows to detect all devices communicating in the network, but asset details like firmware versions are never communicated in power utility automation networks. Therefore, StationGuard aggregates the passively observed information with imported engineering files and spreadsheets to get the most precise asset information possible, including engineering descriptions, type, hardware configuration, product ordering codes, and firmware version.

You can export the inventory and import it into asset and configuration management systems, ERP systems, and spreadsheets. By importing spreadsheets (CSV-files) into StationGuard, you can close the loop and synchronize to any other source. Using the companion tool StationScout, you can perform active asset discovery to find out the actually installed firmware versions.

StationGuard provides plugins for ticketing systems like ServiceNow to automatically create work tickets for responding to IDS alerts. By importing the asset inventory from StationGuard, tickets are automatically assigned to the engineer who is responsible for the asset or site involved into the alert.

Benefits of this solution

Detailed asset identification

StationGuard combines information sniffed in the network with imported SCL engineering files. This unveils accurate asset information like the engineering descriptions, type, hardware configuration, and firmware version.

Combined with active discovery

With the optional Active Asset Identification, it is possible to read out device nameplates safely using IEC 61850 MMS without interfering with the process. You will be able to compare original engineering specifications with the installed devices, which will provide you with even more insight.

3rd-party integration

We provide plugins for 3rd-party asset inventory and configuration management databases (CMDB) and ticketing systems. This allows you to automatically create tickets from alerts and assign them to the right engineers, based on the affected asset.

Built-in Vulnerability Management

Often tools display every vulnerability that even remotely applies, making it tedious to figure out which vulnerabilities pose a real risk. By using an expert-created database of device types and vulnerabilities, only the vulnerabilities that are relevant for your system are shown.

Choose Your Setup

Regardless of the software, you can choose the perfect platform for your intended use.
Our solutions run on RBX1 (fixed), VBX1 (virtual), and on MBX1 (mobile) platforms.

RBX1
Robust and cybersecure 19-inch platform
Read more
MBX1
Mobile, hardened test set for powerful communication analysis
Read more
VBX1
Virtualized platform for cybersecurity and testing applications
Read more

Compare product details

  • 19” rack installation for permanent use in harsh substation environments
  • 8x SFP (back) + 1x RJ45 (front)
  • Different DC/AC supply ranges, redundant option

    •  

  • Mobile usage with quick set-up
  • 4x RJ45 (front) + 2x RJ45 (back)
  • AC power supply

    •  

  • The power of RBX1 and MBX1 – only virtualized
  • Deployment on existing computing platforms
  • Compatible with VMware ESXi

    •  

Request info
Literature
Whitepaper-Detecting-Cyber-Intrusions-in-Substation-Networks-ENU.pdf (758 KB)
Easy integration into your substations, SOC and control centres
StationGuard Deployment (143 KB)
StationGuard-SOC-and-SIEM-Integration-ENU.pdf (150 KB)
>

Get in touch

Need more details? Get a quotation?
Request for a demo?


Contact us now
You are using an outdated browser version.
Please upgrade your browser or use another browser to view this page correctly.
×