OT/ICS asset discovery 2.0
Identify, inventory, manage your digital OT/ICS assets — without installing a truckload of new network appliances
OT-BASE by Langner brings proven IT asset discovery technology (targeted and credentialed device queries) to OT, leveraging OT’s dedicated protocols such as Ethernet/IP, Modbus, Profinet, and others.
– Hardware make & model
– Installed operating system or firmware version
– Installed software applications & versions
– Installed security patches
– Network topology
– I/O modules installed on the PLC or RTU backplane
– Decentral field buses & peripherals “behind” PLCs
WHY “Passive Scanning” of ot/ICS networks is obsolete
OT-BASE Asset Discovery takes a completely different approach. Just like software packages from the large automation vendors, it utilizes legitimate ICS and IT protocols which were specifically designed for obtaining device metadata. Some of these protocols are Modbus, Ethernet/IP, and Profinet.
As another example, OT-BASE Asset Discovery enumerates your computer software configurations by using credentialed access via the Windows Management Instrumentation (WMI) interface. This way you get the foundation for establishing tight configuration baselines, software lifecycle management, and vulnerability management.
You also don’t need to worry if your investment in OT asset management is secure in the face of increasing adoption of encrypted ICS protocols, which will make deep packet inspection useless.
The Selective Probing technology used by OT-BASE Asset Discovery comes with the added benefit that it doesn’t have juicy realtime processing requirements. Therefore, resource requirements are sparse, making it feasible to have OT-BASE Asset Discovery engines run on existing HMI stations or engineering servers.