CMC is a web application for performing everyday tasks and control activities, and a central security point for monitoring the security status of the OT network.
CMC is built around a business-centric user interface. IT administrators can implement the desired network profile (intent-based networking model) by specifying only security goals and leaving CMC the task of translating them into policies.
OT operators are equipped with an easy OT management interface. By means of a tablet or smartphone, OT guys can access a push-button interface that lets them selectively activate the desired security profiles autonomously.
Network automation is put in place by a set of different security profiles that can be selected by the operators using the OT management interface. Central Management Console gives the capability to create simple and unambiguous network profiles for any working condition and, whenever they are used, to control the related security level achieved.
During everyday activities, Central Management Console gives both IT and OT a real-time view of the overall network security status:
Current and historical working profiles and security level
Status of any assets
Details of exchanged traffic with active application session
Relevant threats with associated risk score calculated by self-learning AI algorithm
Node information with links and ports statuses
OT departments have to face day-to-day working issues such as management activities, equipment faults, operator turnover, and so on. All working activities must be done in compliance with safety and security rules while trying to maximise the plant's productivity. This can result in a complex scenario where the behaviour of the OT network must change rapidly to keep up with changing conditions.
CMC gives operators an easy and intuitive push-button interface to apply network profiles made by the IT administrator. For example, if a piece of equipment needs local or remote maintenance, an OT operator can, with a simple click on a tablet, modify the operation of the network to allow external intervention, which is normally not allowed.
Apply security profiles, changing the functionality of the network and the security level accordingly
Verify if security warnings or alerts have been detected within the network
Threat detection based on a standard IPS can sometimes produce weak, if not harmful, results. It is well known that if the number of detected warnings is too high or their relevance too low, sooner or later IPS results will no longer be considered. Consequently, security controls might, in practice, be dismissed.
To make things worse, the relevance of a warning can change with respect to different customers. In fact, depending on different types of assets, deployed services, and current workflows, a slightly different security profile must be put in place.
An effective security profile tailored to each client cannot simply be planned but must be derived from daily monitoring activity in which warnings are carefully weighed. This is the role of our Self-Learning AI.
AI is becoming crucial in every field of security: predicting possible threats with an associated weighted warning is a valuable strategy to cut minor reports and to focus on relevant risks.
Cybersecurity requires continuous progress in threat detection and the ability to adapt security techniques to each individual customer. Nowadays, with the evolving capabilities of threats, human security is relegated to decision support once anomalies have been detected. This is the reason why it is mandatory to have a first decision-making support based on AI that is able to unveil only real attacks or incidents and avoid false positives.
Self-Learning AI enables a new way of estimating a warning condition based on real-time data. This results in threats having different score levels depending on customers, network topology, working conditions, and so on. Moreover, it can identify and stop zero-day attacks, because it's not learning from historical attack data. The Self-Learning ability of AI is crucial to deploy a tailored defence for different systems.
If you plan to deploy a large Edge SDN network in different locations, it could be more convenient to exploit the Central Management Console cloud version. It is a piece of cake!
OEMs can build their own Central Management Console Cloud environment in which they can provide maintenance services directly to their customers.
Available as a virtual machine to be deployed in a virtual environment or on a dedicated server, it can be comfortably deployed in the customer's datacentres.
Central Management Console will be available in the customer's network without any external connection or access. This is the most secure version of the Edge SDN platform.