In August 2019, Cisco acquired Sentryo, a developer of solutions dedicated to managing the cyber risk of industrial control systems. Cisco has relaunched Sentryo’s product as Cisco Cyber Vision, and now offers the most comprehensive portfolio of OT security products on the market.
Cisco Cyber Vision provides full visibility into ICS infrastructures, including dynamic asset inventory, real-time monitoring of process data, and comprehensive threat detection. The product uses tags to highlight asset roles and communications, so that any OT and IT team member can easily understand the industrial infrastructure and operational events.
Cyber Vision combines protocol analysis, threat intelligence from Cisco research teams, intrusion detection, and behavioral analysis to detect any attack tactic. Fully integrated with Cisco’s security portfolio, it feeds your SOC with OT context so you can define security policies and filtering rules based on asset profiles and OT events. Cyber Vision can also be integrated with other IT platforms like IBM QRadar, RSA Security, McAfee, Palo Alto Networks, Fortinet and more.
Cyber Vision uses a software sensor built into industrial network equipment. This allows for full visibility without the need for additional hardware, cabling, SPAN capabilities, out-of-band monitoring or increased network traffic. Network managers will appreciate the simplicity and the lower costs when looking to deploy OT security at scale.