Radiflow’s Active Scanner Illuminates OT Network Devices Without Passive Monitoring
June 2023 by MARC JACOB
Radiflow has announced its Active Scanner is now available for Active Asset Discovery & Data Enrichment on ICS Networks. CISOs can now identify all network devices without interrupting critical processes that operate around the clock.
As companies increasingly rely on passive intrusion detection systems (IDS), they have had to balance the benefit of standard security systems with the lack of visibility into dormant or hidden network devices. For backup servers and other non-active devices, this means they won’t be able to respond to queries for CISOs to understand their risk posture. This makes it challenging for companies to properly comply with regulations and secure their business against costly downtimes. Addressing this concern, Radiflow developed the Active Scanner as part of its recently released CIARA 4.0 to give teams insight and query capabilities into all devices.
This gives the same amount of control to OT cybersecurity professionals that have been enjoyed in the IT field for years. In contrast, CISOs of OT networks have had to manage with protecting their assets without being able to take them offline for analysis or upgrade them with restarts. In response, Active Scanner uses per-vendor and per-protocol queries, which are detected by iSID – Radiflow’s industrial threat detection and management platform. By listening to assets’ responses, iSID is able to correlate the sent data with its asset management database, discovering any ‘silent’ assets on the network.
As new regulations and standards begin being put into practice, OT CISOs are moving towards greater automation and network transparency in order to keep mission critical devices protected without being taken offline. Designed to operate in both standalone or hybrid mode with iSID, OT network operators can rely on Active Scanner to provide safe active query methods without disrupting operations.
Scan results with scanned device parameters are saved to the Active Scanner, allowing teams to export it in various formats, should they need to share the information to address new vulnerabilities or an active breach.