OT/ICS asset management software with active discovery

Build a deep OT asset inventory for your global installed base, with automatic configuration updates. Accessible from the factory floor or from the home office.

OT-BASE is a productivity tool that enables control engineers, threat hunters, and OT maintenance to achieve more in less time.

When your company’s success, and your team’s efficiency, rely on how well you understand and manage tens of thousands of digital OT devices, you need a modern tool that was specifically designed to do the job. Enter OT-BASE into the picture: The ultimate enabler for complex IIOT/Industry 4.0 environments.

How is OT-BASE different from “ICS Detection” products?

There are around 30 products in the “ICS Detection” category, but OT-BASE isn’t one of them. You may have a hard time understanding how one ICS Detection product is different from the next, but it’s easy to see how OT-BASE is different from any ICS Detection product. We don’t even claim to be better — we are targeting different customers and use cases.

OT-BASE is not in the ICS Detection category, it’s a pure-play OT asset management system. The following comparison helps you to determine if OT-BASE may be better for you. It most likely is if you lean more to the right side. If you lean to the left side instead, OT-BASE is not for you.

ICS Detection
OT-BASE
Claims to detect cyber attacks in wire traffic as they happen in real time

Doesn’t even try — OT attacks are so rare that we don’t believe this is a worthwhile goal (rather than bolstering your cyber defense)

Assumes that you have a Security Operations Center; SOC analysts are the primary users of the solution (small number of users)

Caters to engineering, maintenance, IT, and cyber security (large number of users from different departments and contractors)

Expects you to install network appliances in every subnet
Software-only solution that doesn’t even need to run in every subnet as it supports remote discovery
Uses packet sniffing to gather asset information
Uses active probing with legitimate industrial protocol functions to gather asset information
Weak on minute asset details such as software configuration, serial numbers, network connectivity
Strong on minute asset details such as software configuration, serial numbers, network connectivity
No details on network topology

Automatic network topology diagrams (layer 1 and layer 3)

No engineering workflows

Lots of engineering workflows: Change management, system management (production lines, DCS), problem management, product lifecycle management

Assumes users don’t want to add data manually
Assumes users want to enrich data using existing documents, user defined database fields, metadata imports etc.
Promises to reduce cyber risk by being able to detect cyber attacks early
Promises to make your engineers, maintenance specialists, administrators, and threat hunters more efficient

Managing modern OT infrastructures is an interdisciplinary team effort. Here’s the platform to make it happen.

Most companies don’t have the technology for efficient collaboration between engineers, maintenance, IT, and cyber security. Never did this become more apparent than when many were forced to work from home.

The OT-BASE OT Asset Management System automatically collects OT configuration details and makes them accessible for the whole team, no matter if in different departments, at a home office, or at a contractor’s location.

LEGACY OT DOCUMENTATION

Incomplete, outdated Excel, Visio & wiring diagrams: Unsuited for collaboration and remote access

Without OT Base
Configuration details of control networks, PLCs, software versions etc. are scattered across dispersed files. Stored in different folders, on different servers, and locked in silos. Data acquisition is manual, resulting in incomplete and outdated information. Workflow automation is completely missing. It’s like being stuck in the Nineties.

OT-BASE

Designed for complex OT/ICS infrastructures and collaboration, always up-to-date configuration details

Automatic discovery of the identity and configuration of your digital OT assets and networks, locally and remote. Consolidation of OT configuration details in a central platform, accessible by web browser and REST API. System details are no longer known to individual engineers only, but are instantly available to every team member, making the team more efficient.
Online collaboration between engineers, admins, contractors, and threat hunters.
Unlike “ICS detection” solutions which put all the emphasis on hypothetical cyber attacks and the alleged threat actors behind them, OT-BASE focuses on the people responsible for keeping OT infrastructures reliable, safe, and secure.

OT-BASE helps engineers, maintenance specialists, system administrators, and auditors to get more stuff done in less time. It covers the most basic (yet important and time consuming) activities such as IP address management as well as the most complex tasks, such as mapping multi-site network topologies.

OT-BASE will make you more efficient, and make your work more fun, too — because nobody likes to work with inappropriate tools. It also opens up a whole new level of online collaboration because you can share OT insights and configuration details with coworkers, contractors, and vendors.

Your new window into your installed OT base. 

Inspect OT configuration for a particular cabinet, for a specific production line, a whole production site, or your global operations. Detailed configuration data is just a mouse click away.

L
Quick search

Enter IP address, serial number, DNS name, MAC address of a device you are interested in. Or network name, system name (e.g. “line 5”), site name, cabinet id.

L
List/products tabs

Switch between list of individual devices or installed OT products

L
Main menu

Select between inventory, homepage (shows changes during last 7 days), workflows, and user management

L
Scope limiter

Limit the scope of the list output to a specific location, device group etc., or combinations thereof (collapsable)

L
Filter fields

Type anything in the filter field of a column and the device list is filtered for matching results as you type

L
Customizable columns

Click on a column header to reverse sorting order. Right-click to add or remove fields. Adjust column width to your preference.

L
Device counter

Shows you the number of devices in the device list

L
Personal settings

Lets you change your password, national language, and log out

L
Sidebar

Select which view on your inventory you want to use: Hardware, software, systems (e.g. production lines), networks (including topology diagrams), locations

L
Device list

Scroll down the list, select the device you are interested in, and double-click on the entry to see the comprehensive device profile

ACTIVE discovery — because it’s better and cheaper.

Comprehensive configuration data. No hardware sensors. No SPAN ports and discovery networks. Remote discovery. That’s what only active discovery gives you. That’s why we are using it.

“Passive monitoring will not be used to create and maintain an asset inventory.

Approaches like Langner’s active communication with the devices, combined with manual entry and adjustment, is what will lead to the single source of truth asset inventory.”

Dale Peterson

Digital Bond, S4xEvents

  • NNo hardware appliances
  • NSelective probing
  • NRemote discovery
  • NPeriodic monitoring

Technical Add-On for Splunk

Integrated with Elasticsearch

Integrated with IT platforms.

Chances are that there is more than one enterprise solution in your organization which also stores OT asset data — or would like to do so! Examples are IT asset management systems such as BMC ARS and IBM Maximo. Or service management platforms such as ServiceNow. And you may also want to analyze OT configurations and events using Splunk or Elasticsearch. What you don’t want is to maintain asset information in multiple places.

OT-BASE integrates seamlessly with your existing IT infrastructure and with custom apps.

Integrated with a policy framework

Technology alone doesn’t make your OT infrastructure more secure if not backed by a set of sound policies. OT-BASE is fully integrated with a comprehensive OT security program that takes the guesswork out of implementing IEC 62443, ISO 27k, NIST CSF or other standards, and shows you exactly how to complement a powerful OT asset management system with policies, procedures, and metrics. It’s called the Simple Cyber Governance Program (SCGP) and it’s used for years in multiple critical infrastructure sectors, including nuclear.

The Simple Cyber Governance Program shows you in detail, step by step, how to arrive at sustainable OT security, and how to leverage OT-BASE for maintaining a solid cyber security posture.

Priced around customer value.

On-premise or SaaS.

OT-BASE is licensed based on volume. You pay for the number of digital devices, regardless of the number of users, networks, or sites.

License fee per device degrades with the number of devices. The more devices you manage with OT-BASE, the lower the cost per device. Best of all, if you manage multiple sites with OT-BASE, license fees are calculated based on the cummulative number of devices, not based on the number of devices per site.

You have the choice between on-premise and SaaS. The OT-BASE cloud version is also an attractive platform for consultants who do asset inventories as a service. Inquire for more information!

Watch OT-BASE in action
Check the documentation
Schedule a demo

Go to Youtube channel

Go to OT-BASE Help Center

Contact sales

Go to a full scale automated OT asset inventory in these three steps:

Step 1

OT-BASE Asset discovery evaluation (do this now)

Download the free OT-BASE Asset Discovery evaluation software. Check it out in your testbed, in your office network, and in selected process networks. You will see results within the first hour. Discuss results with your fellow engineers.

Step 2

OT-BASE Asset center proof-of-concept

In a proof-of-concept, see what your asset discovery results look like in OT-BASE Asset Center. Get a limited, inexpensive subscription for OT-BASE Cloud, where you can import and process discovery results. In the unlikely case that you shouldn’t like OT-BASE Asset Center good enough, you can still export all discovery results to Excel and JSON and be much better off compared to your previous outdated Excel spreadsheets for asset data and IP lists.

If you don’t have an even minimalistic budget, send us your discovery files and we will give you and your team (and your boss) an impression of Asset Center workflows with your data in a web conference. Usually this results in budget for a proof-of-concept being made available.

Step 3

Go to production

For going to production, you can simply keep your OT-BASE Cloud subscription, or purchase a perpetual license for an on-premise version of OT-BASE Asset Center. The on-prem version is functionally identical to the cloud version. Whatever path you choose, we will assist you in getting top results out of your OT-BASE installation.
THE OT ASSET MANAGEMENT SYSTEM
OT-BASE™ by Langner