The solution we propose to ensure OT and IT security is the use of the NOZOMI NETWORKS (NN) platform, based on the Guardian product. It is a passive and non-intrusive analysis technique for detailed analysis of LAN traffic.
​
The safety procedure can be schematized as follows:
-
Analyses traffic, Asset Inventory and Vulnerability Assessment:
the Asset Intelligence allows to recognize all the devices on the network and indicates the known vulnerabilities; in the collected traffic analysis phase, the experience of the Security Analyst allows to recognize the situations to be corrected, the anomalous traffic and the misconfigurations; that leave traces in the traffic and in the variables of the OT protocols.
-
Monitoring,Thread Intelligence and Network Security Analysis:
the previous phase, with a robust dose of analysis, allows you to design interventions to secure industrial LANs while the Anomaly Detection and Intrusion Detection functions inserted in the AI engine of the Guardian allow you to feed a SIEM of the Company SOC for which you are running the security scan.
-
Project planning and implementation:
on the basis of the level of maturity detected, interventions are designed to raise the security level which can range from patching systems (eg WSUS) backup to authentication systems (eg. AD) completed with a PKI.
Trattiamo le procedure di messa in sicurezza informatica specifiche nel campo OT per sistemi che impiegano protocolli curati dal TC 57 del IEC che prevedono l'adeguamento alla norma IEC62351 dei sistemi SCADA (protocollo IEC 60870-5-104), della rete dei dispositivi periferici (RTU) e delle LAN di automazione (protocollo IEC 61850 MMS/GOOSE/SV).
Progettiamo sistemi di regolazione specifici con l’impiego di algoritmi di ottimo per la regolazione di tensione, potenza, energia correlati con l’attuazione automatica dei piani di produzione derivanti dalla Borsa dell’Energia Italiana (IPEX).