We deploy "agents" written in the standard controller programming languages like Ladder Logic and Structured Text to continuously collect the native diagnostics that automation vendors have already built into their controllers. The diagnostics are then efficiently and securely streamed to our on-site server for forensics and patented anomaly detection.
Network monitoring products can only see what is sent over the network, so they are blind to communications and assets over USB and serial cables. With an agent inside the controller, you can monitor serial asset information and detect events like program downloads initiated from local serial connections.
Pinpoint the source of everyday controller issues faster than ever with a historical snapshot of the controller's diagnostics at the time of an incident and automated alerts for common issues.
Network monitoring products require expensive hardware sensors to collect and analyze traffic. Our software-only approach simply requires the user application layer installation of the agent on the controllers and a single server at a central location on site.
Before network monitoring products can be deployed, the network must be using managed switches, which is not always the case in ICS networks. Our software agents can use a unique unidirectional protocol to "piggyback" on existing open outbound ports, requiring no upgrades to switches and no changes to the firewall rules.
LogicWatch Pro Datasheet (pdf)
Download