Symantec Anomaly Detection for Industrial Control Systems

Security analytics that learn your ICS network and proactively detect attacks

Cutting-edge security analytics built for ICS systems

Anomaly Detection for ICS passively monitors message traffic in industrial systems, learns what is normal behavior, and flags anomalous activity that may indicate an attack.

Automatic learning and policy creation

  • Learns all the devices and behaviors in a subnet from message traffic
  • Detection does not require writing rules or policies
  • User input improves the baseline over time

Protects against a wide range of industrial attacks

  • Deep Packet Inspection of ICS protocols
  • Detects anomalies in network metadata, transport and application layer protocols, payload values, and traffic rates

Breadth and depth of detection on premises

  • Analytics “at the edge” does not require internet connectivity and keeps sensitive data in the facility

System Requirements

  • Anomaly Detection for Industrial Control Systems runs on existing or off-the-shelf hardware
  • Small footprint allows multiple deployment options:
    • Attached to SPAN port
    • Run in VM on gateway or router
    • Bump-in-the-wire physical network tap
  • Compatible with nearly all hardware and operating systems
  • Minimal compute, memory, and disk space requirements


