PT ISIM confirmed by testing as fully compatible with Siemens industrial network components
Siemens and Positive Technologies have jointly tested PT Industrial Security Incident Manager (PT ISIM) from Positive Technologies for compatibility with Simatic NET, which is used for communication between Siemens industrial control system (ICS) components, servers, workstations, and PCs. The results of PT ISIM testing showed flawless connection and functioning, with no impact on ICS performance.
The ICS test network was built using Siemens Scalance and Ruggedcom routers. PT ISIM was connected to traffic mirroring interfaces via a one-way data diode from AMT-Group. The scope of testing included detection of events, security incidents, and attacker actions.
Results reflected rigorous assessment of protection monitoring and incident management capabilities. PT ISIM properly parsed and analyzed test traffic, from which it created a structured list of cybersecurity events and incidents. Most importantly, ICS operations were fully intact: the data diode performed its task and no PT ISIM traffic was present on the Simatic NET test network, since PT ISIM collects data only passively.
Paolo Emiliani, Industrial & SCADA Research Security Analyst at Positive Technologies, commented on the benefits of the partnership for industry: “Securing industrial facilities and networks is never easy. One of the major reasons why businesses hesitate to remediate software vulnerabilities is the fear of interrupting operations and causing downtime. But the alternative—airgapping—is not nearly as foolproof as some think. As our research shows, at four out of five companies an intruder on the corporate IT network could penetrate the industrial network. And in our experience, pentesters are able to obtain outside access to corporate IT networks at 73 percent of industrial companies. Compatibility of PT ISIM with solutions from Siemens, the ICS market leader, offers industrial companies a viable, verified way to identify even sophisticated incidents and cyberattacks, with zero impact.“