Intrusion Detection Systems Put Strong Limits On Security
Powerless against new attack patterns
Intrusion Detection Systems (IDS) focus on signature-based threat detection. This only recognizes known attack patterns, proving them powerless to unknown or new attacks. Even heuristically functioning IDS can only detect unknown variants of attacks to a very limited extent.
No specialization on OT
IDS are IT-centered and only partially applicable in industrial control systems. Their capability to analyze industrial protocols and communication patterns are very limited.
Limited scope and lots of blind spots
The visibility of an IDS is limited to the network boundary or the monitored computer system. Attacks that have successfully penetrated the network usually remain undetected.
Since IDS have active components, they can themselves become targets of an attack and be manipulated.
ICS Monitoring with 360° Industrial Security
Intrusion Detection even of new attack patterns
The Rhebo network monitoring with anomaly detection complements the signature-based attack detection of firewalls and IDS with a behavior-based content analysis. This means that even unknown attack patterns, human errors and manipulation via authorized user profiles are reliably detected.
Support of IEC 62443
Rhebo ICS monitoring also enables visualization and inventory documentation of the ICS and its communication profile. This enables setting up and monitoring zones and conduits in accordance with IEC 62443.
360° Threat Defence
Network monitoring not only monitors the network boundaries or individual systems. Instead, network monitoring observes all processes that take place within the ICS. The extensive coverage of industrial protocols and processes also allows continuous protection tailored specifically to industrial networks. This allows operators to address the threat development posed by the increasing number of IoT devices. In addition to attacks and manipulation, technical error states are also reported. In this way, operators can immediately and systematically mitigate any threat − whether relevant to security or operations.
Solution brief for Industry
Fight off cyber attacks and increase process stability in industrial environments.
Solution Brief for Energy & Water
Intrusion & threat detection at energy and water companies.
Technical Guide IEC 62443
Implementing defense in depth and industrial security according to IEC 62443.