The PT ISIM hardware appliance performs non-stop monitoring of ICS network security, helps to detect cyberattacks in their early stages, identifies negligent or malicious actions by staff, and promotes compliance with cybersecurity legislation and industry regulations.
Quick start and scalability
A flexible mix of components makes PT ISIM easy and quick to deploy, with minimal configuration required, on infrastructures belonging to companies in any industry. Whether rapid or gradual, scaling up is always a smooth process on even the most complex networks.
Non-stop protection and uninterrupted uptime
The monitoring architecture of PT ISIM is passive-only. Unlike other popular ICS security products, PT ISIM isolates ICS components from any possible interference.
Preventing economic losses
Setting up and maintaining an ICS network often involves numerous contractors. Sometimes these contractors even perform their jobs remotely, which opens up enormous security holes. Limiting and stopping remote desktop access is one of the most difficult but important parts of ensuring ICS security. Failure to do so can result in downtime and direct financial damage. To combat this, PT ISIM quickly flags cases of improper administration, such as upload of a project to a PLC, configuration changes, and turning on/off a PLC or other components.
PT ISIM hardware is installed at the client's site. Sensors responsible for performing ICS traffic analysis are available in several form factors, including a ruggedized industrial chassis.
Data diode for guaranteed one-way traffic
PT ISIM performs only passive analysis of the ICS network. To get a copy of traffic, PT ISIM can be connected either directly to a router mirror (SPAN) port or via a one-way data diode).
A special option, the PT ISIM Industrial Tablet, is available for engineering staff. The tablet notifies of critical incidents and prompts for urgent response based upon the procedures established at the company.
Central administration and SOC monitoring
PT ISIM-powered solutions can consolidate incident data while allowing for easy scalability. This is made possible by close integration of PT ISIM components with other products from Positive Technologies. PT ISIM can function as a source of information about security incidents for industrial SOCs.
"This is the first time, anywhere in the world, that cybersecurity has been applied in practice to the microprocessor systems that control train movement. We are grateful to Russian Railways for initiating the project and helping to see it through to completion. These results will be of interest to transportation companies around the globe."