Safe, active OT scanning with full industrial asset discovery in networks lacking port mirroring or passive monitoring
Features
SAFE SCANNING
Ad hoc or scheduled scans of legacy and modern assets by type or IP range doesn’t load the network or devices
SEEING MORE
Directly queries devices, even silent and redundant ones
RICH ASSET DATA
Useful for asset inventories, vulnerability assessments, compliance audits, and risk assessments
HOLISTIC VIEW
Scans multiple sites from one location and combines data with iSID
HYBRID MODE WITH iSID
Sends proprietary broadcast messages and industrial protocol queries to devices, iSID listens to responses and correlates the data
SMALL, UNMANAGED SITES
Remotely monitors sites where iSID cannot be deployed, where budget is insufficient, or where network infra is unmanaged
How It Works
Active Scanner complements or replaces passive monitoring of industrial networks. Employing safe, targeted methods – communicating with OT assets using their native protocols – Active Scanner directly queries assets to obtain deeper data such as modules, versions, and patch levels, improving threat detection, risk management, and other cybersecurity solutions with a finer level of accuracy in alert generation, asset management, risk assessment, and compliance.
Active Scanner does not require any network reconfiguration to allow a mirrored stream for passive scanning, making it suitable for ICS networks that don’t allow mirrored streaming for IDS deployment. Furthermore, to minimize risk, Active Scanner never uses any brute force or exploit-based discovery methods on industrial assets.
Active Scanner allows for ad-hoc or scheduled scans, for discovering new assets and changing conditions on the OT network. In both cases the user is able to perform unicast scans of a defined IP range.
Hybrid Mode
Operating in hybrid mode, Active Scanner complements the existing passive listening functionality of the iSID industrial threat detection platform with an active scanning component. Active Scanner queries assets and iSID listens to their replies and correlates them with its asset inventory.
The Active Scanner dashboard provides an at-a-glance view of the operator’s scanning activity by type, activity and over time.
Outputs
Active Scanner creates a comprehensive security report, complete with all asset data and communication history, as well as a PCAP file for each execution for playing back its underlying communication. Scan results with scanned device parameters are saved to the Active Scanner, available for download in a particular format (PCAP, CSV or JSON), and transmitted to integrated Radiflow products such as iSID and CIARA for deeper analysis. Scan PCAP files for all types of scans are also available for download and can be uploaded directly to iSID.
Active Scanner working in tandem with iSID and/or generating files for upload
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.