Actively defend connected AND air-gapped OT assets to ensure safe, secure, and reliable operations.
Oil & gas companies have essential distributed operational technology (OT) network assets that increase their attack surface and present attractive targets for attackers. OT assets connected to corporate networks create new attack vectors that can lead to greater exposure to cyber-threats.
Automated threat prevention, detection, containment, and response that goes far beyond monitoring and alerts.
PacketViper OTRemote provides security outcomes that matter to OT operators. It prevents external threats from accurately identifying connected assets during reconnaissance and from using them to enable access. It detects and responds to malware, including vulnerability exploits and ransomware, at wire speed, providing a compensating control for “unpatchable” assets and unsupported devices. Additionally, if threats are introduced to the network, the active and agentless technology provides automated containment that prevents proliferation and/or the establishment of lateral or outbound communications. Finally, it does all this while enabling protected two-way data flow, allowing real-time operational access. The solution even provides a platform for the installation of other software tools, such as vulnerability scanning, telemetry, and SCADA applications in hard-to-serve remote environments.
OTRemote is deployed at each connected OT remote site (wellheads, pump stations, storage facilities, etc.) where the agentless solution works as an invisible in-line bridge. This provides the context required to take action on traffic moving to and from the site. Threats cannot detect the solution and the technology obfuscates the connected site and its assets during reconnaissance. Attackers simply cannot see the site or its actual assets.
For threats introduced to the network, the solution provides automated containment and real-time detection. Automated two-way filtering capabilities restrict the threat from spreading and exfiltrating data while the security team gets a high-fidelity alert. Response requires no complex orchestrations and the solution is equally effective against both known and unknown threats.
OTRemote is deployed on a ruggedized DIN-mounted appliance that supports bypass capability. No network-level re-addressing is required for installation, and once the physical connection is established, security policies can be remotely and centrally managed.