PacketViper OTRemote remote location appliances consists of a family of fanless metal case devices designed for critical infrastructure applications in harsh and space constrained environments. These models all provide the highest levels of threat detection, prevention, and response to protect industrial control systems and critical infrastructure facilities from remote on-site online attacks. High availability (HA) and Bypass-enabled configurations are available, as well as a variety of other deployment options including custom NEMA-Rated outdoor enclosures.
The PacketViper OTRemote solution architecture includes a Boundary Security Unit (BSU), Control and Management unit (CMU), and Remote Security Unit(s) (RSU) for remote locations. These units are connected using network cables to the existing network infrastructure.
The Boundary Security Device (BSU) is the device that protects the outer network boundary of the OT/ICS environment from external threats. The BSU is typically a single device placed on the exterior boundary between the ICS environment and the IT environment or Internet. The OTRemote BSU deploys an array of tools that proactively detect and prevent threats North to South, and South to North.
The Control and Management Unit (CMU) is typically a single device installed at the primary facility of the control environment, normally near network equipment and other control system servers. In large, complex, or regionalized environments, multiple CMU units may be required. This device monitors internal east, west, north, south network communications, propagates policies and manages connected RSUs.
The Remote Security Unit (RSU) is typically one from a family of small ruggedized industrial devices which can be DIN rail mounted or enclosed in a custom NEMA container. The RSUs primary purpose is to identify anomalies within the remote site, and if configured to, contain unauthorized connections or devices, notify incident response teams, and the CMU. The RSU provides visibility and control of network connections and devices within remote locations.
The BSU, CMU, and RSU can be configured as a bridged connection which transparently monitors network communications, or as a mirror which receives a copy of the network communications from a smart switch.
Once implemented, the OTRemote solution monitors the network communications from the BSU, CMU, and RSU(s) devices, and aligns them to the customers established security policies. These policies can be configured with an array of cybersecurity actions, including logging, filtering, alerting, messaging, throttling, and blocking.
At the client's option, RSU(s) can be configured to contain threats and anomalies within a remote location when they are discovered. This is achieved when the RSU detects a threat, then automatically creates a rule to prevent the unauthorized device or communication, while simultaneously sending an alert, and notifying the CMU. The CMU then notifies the remaining RSU(s) and propagates the filter rule, protecting the remaining locations on the network by containing the threat at the impacted remote site.