Network Monitoring Cyber Security

Intrusion Detection

»Intrusion Detection Systems vs ICS Monitoring with Anomaly Detection«

Intrusion Detection Systems Put Strong Limits On Security

Powerless against new attack patterns

Intrusion Detection Systems (IDS) focus on signature-based threat detection. This only recognizes known attack patterns, proving them powerless to unknown or new attacks. Even heuristically functioning IDS can only detect unknown variants of attacks to a very limited extent.

No specialization on OT

IDS are IT-centered and only partially applicable in industrial control systems. Their capability to analyze industrial protocols and communication patterns are very limited.

Limited scope and lots of blind spots

The visibility of an IDS is limited to the network boundary or the monitored computer system. Attacks that have successfully penetrated the network usually remain undetected.


Since IDS have active components, they can themselves become targets of an attack and be manipulated.

ICS Monitoring with 360° Industrial Security

Intrusion Detection even of new attack patterns

The Rhebo network monitoring with anomaly detection complements the signature-based attack detection of firewalls and IDS with a behavior-based content analysis. This means that even unknown attack patterns, human errors and manipulation via authorized user profiles are reliably detected.

Support of IEC 62443

Rhebo ICS monitoring also enables visualization and inventory documentation of the ICS and its communication profile. This enables setting up and monitoring zones and conduits in accordance with IEC 62443.

360° Threat Defence

Network monitoring not only monitors the network boundaries or individual systems. Instead, network monitoring observes all processes that take place within the ICS. The extensive coverage of industrial protocols and processes also allows continuous protection tailored specifically to industrial networks. This allows operators to address the threat development posed by the increasing number of IoT devices. In addition to attacks and manipulation, technical error states are also reported. In this way, operators can immediately and systematically mitigate any threat − whether relevant to security or operations.



By submitting my data, I confirm its use for sending me your demo and for other purposes specified by me in the selection fields. I can deny this service at any time by e-mail.

What is the sum of 5 and 7?

* Field is required. The security of your data is important to us.

  • Solution brief for Industry


    Fight off cyber attacks and increase process stability in industrial environments.


    Download solution brief

  • Solution Brief for Energy & Water


    Intrusion & threat detection at energy and water companies.


    Download Solution Brief

  • Technical Guide IEC 62443


    Implementing defense in depth and industrial security according to IEC 62443.


    Download Technical Guide