Operational Technology Defence Module
The module permits to protect RTUs (Remote Terminal Unit) and IEDs (Intelligent Electronic Device) installed on the OT network.
The Agger OT Defence is a server-side protection system for RTUs, which remotely continuously check the availability and integrity of all RTUs and IEDs and, in case of corruption, is able to re-upload the original software and configuration.
The Agger OT Defence is provided as a complete virtual machine which has to be installed on the OT network in order to be able to contact all the RTUs on the network.
How it works
The OT Defence Module has auto discovery capability, which gathers a lot of information such as domain and application name, date, signatures, etc.
The interaction with the RTUs is absolutely negligible and it has no effect on operations.
The reaction can be completely automatic or can require the human authorization.
Agger OT Defence can be integrated with all the other complementary Agger Modules or with an external SIEM.
All the OT devices can be manged through a modern graphical console, which permits the display of the OT network connections.
Physical or virtual machine fully scalable (CPU and storage).
Secure communication infrastructure designed for Internet deployment.
Management through the central server.
Autodiscover new device on the same network.
Type of data gathered
Domain, Application, dates, signatures
Agentless OT availability and integrity scan engine
Automatic re-upload of original applications and configuration
Integrable with external SIEM
Determine both the technical-and business-level impact
Recording of all state changes, not just those that are deemed malicious
Investigative interface that allows for easy search and pivoting
Use of visualization to reduce the sheer amount of data to be presented into something actionable
Web based Graphic User Interface.
Fully integrated Risk Management tool.