MANAGE Your DIGITAL OT Assets like a boss

Why should managing your digital OT infrastructure be more difficult than using social media? Why shouldn’t you be able to navigate process networks and digital configurations throughout your fleet by just clicking the mouse? The simple reason is, because you are using  inappropriate tools. The solution is not a better spreadsheet. It’s something entirely different.

Experience the OT-BASE difference

OT-BASE is an asset management system for companies in manufacturing, energy, water, chemical and similar industries who are dissatisfied with using spreadsheets or IT asset management systems to inventory and manage their complex, mission-critical digital operations technology infrastructure.

Without OT-BASE:
Tool-centric workflow

Excel, Visio & wiring diagrams because you didn’t have anything better

Without OT Base

Configuration details of control networks, PLCs, software versions etc. are scattered across dispersed files. Stored in different folders, on different servers, produced by different individuals, and locked in silos. Data entry is manual, resulting in incomplete and outdated information. Workflow automation is completely missing. It’s like being stuck in the Nineties.

WITH OT-BASE:
User-centric Workflow

Designed for the way control system engineers want to work

With OT Base
Automatic discovery of the identity and configuration of your digital OT devices and systems. Consolidation of OT configuration details in a central CMDB, accessible by web browser. System details are no longer known to individual engineers only, but are instantly available to every team member, turning everyone into an expert.
The most powerful tools are the ones you love to use
Building and maintaining the digital backbone of industrial production is no small feat. It takes skilled engineers who are passionate about their job. Being left in the dark and slowed down by obsolete tools will not only result in frustration. It will also require excess labor and headcount to get the job done. Not an appealing prospect when you’re planning to vastly increase digital complexity in the pursuit of the IIoT.

Make sure your engineers deliver peak performance by giving them a tool that they actually love to use.

HARDWARE INVENTORY

Get a listing of all devices, both bare metal and virtualized, that can be filtered by location, device category, IP address and more. Get a listing of all devices of a specific make and model.

SOFTWARE INVENTORY

Get a listing of operating systems, software applications, and firmware along with exact version numbers. Get a listing of all software installations for a specific product and version, along with license keys. Identify all devices where a specific software, firmware, OS version is installed within seconds.

Vulnerability Management

See vulnerabilities published in NIST’s National Vulnerability Database that affect your installed base, associated with the software & hardware products you are using, and with individual devices. Use baselines to specify which software versions and patches must be installed, and automatically check where they aren’t.

NETWORK TOPOLOGY

Get accurate and complete interactive network diagrams which allow you to drill down into device configurations and subnets. Focus on layer 2 or layer 3 information by selectively enabling or disabling certain types of metadata.

Change management

Plan and monitor configuration change with a straightforward workflow. Check configuration change, no matter if planned or unauthorized, by using a change history that is automatically maintained for every device.

Location Mapping

Get context information about the location where OT components are installed, be it photos, Google Maps depiction, street address, or Webcam feeds.

DATA FLOW MAPPING

Get a realistic picture of the de-facto data flow in your mission-critical networks. Validate protocols and endpoints for actually intended vs. unauthorized traffic. Get alerts on unauthorized data flow. Automatically visualize data flow in interactive UML diagrams.

access control

Allow access to the asset management system for various user roles and third parties such as contractors, vendors, and consultants with user-definable roles and scopes. Assure that users can only see those parts of your OT infrastructure that they are entitled to.

Configuration Auto-Discovery and MONITORING

agentless Software-based collector

OT-BASE comes with software (native Windows or Docker container) to automatically discover your network topology, device identity, hardware and software configuration, and data flow. The OT-BASE collector does not need to be installed on every single endpoint, just once per network.

small footprint

Dedicated SPAN ports and a discovery network are not required, and neither are expensive proprietary appliances. Hardware requirements for the configuration collector are low because no realtime processing is done. Install on an existing Windows/Linux/VM platform, or on dedicated Intel NUC.

Selective Probing

OT-BASE uses selective probing to discover system identity and configuration. Unlike scanning, no blind-shot data is sent out. Probing is only done for preselected IP addresses and address ranges. For those, only supported standard interfaces such as SNMP, LLDP, WMI and Netflow are used to extract high fidelity configuration data.

Continous monitoring

Configuration auto-discovery isn’t only useful for initial CMDB population, but also for continuous monitoring. This way OT-BASE can alert you about any unauthorized configuration change, catching well-intended silent installs as well as sophisticated cyber attacks.

Priced around Customer value

OT-BASE is licensed based on volume. You pay for your number of digital devices, regardless of the number of users, number of networks, number of sites. Devices are: Computers (bare metal or virtualized), network switches, PLCs, RTUs etc. Devices are not: Interface cards, I/O modules, keyboards etc.

License fee per device degrades with the number of devices. The more devices you manage with OT-BASE, the lower the cost per device. Best of all, if you manage multiple sites with OT-BASE, license fees are calculated based on the cummulative number of devices, not based on the number of devices per site.

Why we invented the world’s first full-fledged OT asset management system
For twenty years we did little else but help asset owners in multiple industries to protect their plants against sophisticated cyber-physical attacks. The fundamental problem we encountered over and over again was a blatant lack of appropriate digital system documentation. As a result, assessment projects took much longer than needed, and always turned up serious vulnerabilities in system design that could have been avoided if appropriate documentation had been available.

We spent several years working on the concepts of an asset management system purpose-built for digital operations technology which would fix all these issues. Then, we turned concepts into reality, making sure that control system engineers would actually love the resulting product:

The OT-BASE OT asset management system.