Software-only OT asset discovery that scales
Identify and inventory your digital OT assets with unprecedented fidelity, but without installing a ton of hardware sensors
The first generation of ICS Detection products rely on “passive sniffing” to infer asset identity and configuration. Not only is that unreliable — think about guessing device make & model by MAC address. It is also costly because hardware appliances and discovery networks need to be installed all over the place. It simply doesn’t scale.
OTbase by Langner brings proven IT asset discovery technology (targeted and credentialed device queries) to OT, using OT’s dedicated protocols such as Ethernet/IP, Modbus, Profinet, and others.
Now you can discover OT devices just like IT asset management products used to for the IT side. All that using a small-footprint, software-only technology that supports routing and slashes deployment cost.
OTbase Discovery automatically discovers:
– Hardware make & model
– Installed operating system or firmware version
– Serial number
– Installed software applications & versions
– Installed security patches
– Network topology
– I/O modules installed on the PLC or RTU backplane
– Decentral field buses & peripherals “behind” PLCs
OT asset discovery without active probing isn’t OT asset discovery
OT asset owners know they need a comprehensive OT asset inventory. But with hundreds of thousands, if not millions, of devices owned, manual inventories are impossible. So, they deploy passive scanning solutions—only to find them inadequate. Active probing is the only way to go regarding OT asset discovery.
The OT Asset Discovery Handbook looks at:
- Active discovery myths versus reality
- Functions and use cases
- And the decentralized architecture for optimum OT security
Fill out the form to download a copy of the handbook now.
Get the OT Asset Discovery Handbook.
Secure de-central asset discovery with 24h update cycles
The unique discovery technology used by OTbase allows you to securely inventory thousands of networks with 24h accuracy. A swarm of autonomous discovery nodes (no appliances, no agents) that are embedded in your process network periodically probe your devices for configuration changes. Results are sent outbound to OTbase Inventory as an encrypted file. This way you don’t have to open firewalls for inbound traffic, and you can even discover behind data diodes and DMZs.
Approaches like Langner’s active communication with the devices, combined with manual entry and adjustment, is what will lead to the single source of truth asset inventory.”
- NSecure de-centralized architecture
- NNo hardware appliances
- NSelective probing
- NRemote discovery
- NAutomatic 24h update cycle
- NNo software agents necessary
OTbase Discovery platform variants
OTbase Discovery is available for different deployment scenarios. Pick the version(s) that suit you best.
Learn about OTbase Discovery from these videos:
Enterprise-grade OT asset management software