FortiGuard Operational Technology Security Service
Specialized Intrusion Prevention for OT Environments
The FortiGuard Operational Technology Security Service provides specialized intrusion prevention system (IPS) signatures to detect and block malicious traffic targeting applications and devices in manufacturing, plant, safety, and other operational technology (OT) environments. Combined with a FortiGate NGFW, the service blocks malicious network traffic from threat actors seeking to control or disrupt operations before it causes harm. In addition, the service can act as a virtual patch to provide immediate security protection until a vendor patch can be developed and deployed.
The FortiGuard OT Security Service, deployed with FortiGate NGFWs and fueled by threat intelligence and a stream of new signatures from FortiGuard Labs, performs passive deep packet inspection (DPI) of your industrial network traffic to detect and block threats.
The FortiGuard OT Security Service protects OT devices such as PLCs, RTUs, and HMIs, and their associated applications, through signatures developed to conform to common OT protocols.
The service can perform virtual patching of unprotected applications while awaiting a patch. Also, Fortinet works closely with automation and control system vendors to develop OT IPS signatures to address known vulnerabilities in their platforms.
With the FortiGuard OT Security Service deployed (in concert with the FortiGuard IPS Service) across your broader security infrastructure, Fortinet is able to analyze and deploy new OT IPS signatures in near real time for coordinated network response.
Multiply this workflow across Fortinet’s global customer base and you have a network effect that accelerates protection for OT environments faster than ever.
Today’s industrial cyber threats dictate that an OT/ICS IPS do more to protect an expanding network edge. The FortiGuard OT Security Service takes traditional OT/ICS IPS capabilities to the next level, providing coverage for the following use cases:
Organizations with plant, manufacturing, facilities, and other industrial networks can analyze network traffic at scale to detect and block both known and suspicious network-based attacks targeting their OT applications and devices.
Organizations can accelerate protection in near real time across their broader security infrastructure, stopping further infection when a new threat is detected.
Organizations can shorten their security exposure when vendor patches, and the time needed to apply them, are delayed.
Core Network Protection
Use deep packet inspection to scan traffic to detect and block threats
Protection for OT
Extend IPS protection to OT devices and applications through specialized signature sets designed for OT environments
Virtual Patching
Protect vulnerable OT apps from exploits when patches aren’t immediately applied
Coordinated Network Response
Deploy new OT security countermeasures in near real time through coordinated network actions
Lifecycle Protection
Address initial access stages of the kill chain and MITRE ATT&CK® framework