<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">

Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

3 Uses of Complete Visibility in OT Environments

In part three of my OT visibility series, we’ll review what next steps OT and ICS organizations are taking once they have a foundation of visibility with a TAP and aggregation fabric. If you haven’t read my previous posts, I suggest starting there for some background.

It really is industry best practice to utilize a TAP and aggregation fabric as your access method for network traffic. Once you have the necessary TAPs in place, it becomes easier to start working on improving monitoring, operations, and cybersecurity practices. 

Asset Inventory

Companies typically start by looking to see what is on their network, aka performing an accurate asset inventory. It’s very common to talk to manufacturing companies who think they have 3,500 assets on their network, only to realize later on, once a joint solution like Garland Technology and Dragos are deployed, that they actually have 4,500 assets on their OT network. It may seem obvious that companies are first utilizing their visibility to find out what’s on the network. Still, with many of these OT facilities, it’s impossible to look in every nook and cranny and find every piece of hardware that may or may not be connected to the network. It’s not like in the traditional data center where everything is nicely rack mounted and in cabinets. While a facility may have a list of assets from their integrator who first set up the facility, these are often out-of-date and not trusted. So the easiest way to get an accurate asset inventory is to rely on what the network traffic is telling you. That’s why it’s so important to use TAPs as the visibility method since relying on SPAN ports will likely leave you with incomplete data.

 

Garland-Dragos-Webinar-CTA

Segmentation Validation

Another way OT environments are using their increased network visibility is to validate their network segmentations. Most organizations follow the Purdue Model for their network segmentation, which creates a defensible architecture. As an operator, the Purdue Model ensures you can have visibility across everything, but for some reason, if an attack happened and someone gained access to the network, they would have trouble going from Level 2 to Level 3. When you have the proper visibility, you can make sure that no one is going from substation A to substation B directly, without going to the control center in between, where security permissions are reviewed.

Capacity Planning and Optimization

Capacity planning is critical for all organizations, to allow and plan for growth, but in OT environments, capacity optimization is even more important. In most manufacturing environments, we rarely see networks that are saturated with traffic, running near full utilization. More often than not we see plants that have been online for 20, or 30 years running the same equipment. Their capacity hasn’t grown to a level where they need to update and make changes, but there certainly is a need to optimize the capacity so each production line and piece of equipment is working at an optimal level. In order to do this, you need to have full visibility into all of the assets in the network.

It’s important to be able to see everything that goes on in the network, to tie it back to a source and destination system, and validate that the expected behavior matches what is actually being observed. When an operator can trust the data, because it’s delivered by a Network TAP and is 100% complete, they can then use that data to perform risk assessments and implement other proactive cybersecurity measures.

Want to learn more?

Watch our latest roundtable webinar with Dragos where we discuss tactics and strategies for strengthening your ICS/OT visibility.

Written by Neil Wilkins

Neil is a Systems Engineer at Garland Technology focusing on customer challenges with network visibility such as resilience, interoperability, and integration into data center topology. Wilkins is a seasoned network professional with 30 years of experience globally within the computing industry, in product marketing and technical support, for both the commercial and public sectors

Authors

Topics

Sign Up for Blog Updates