IT and OT are converging
In the past, OT was fully isolated from IT with only proprietary control protocols, specialized hardware, specific and proprietary operating systems, and even connections over copper lines. Nowadays, OT is often bridged and connected into corporate networks, using common internet protocols and more common-purpose hardware.
Along with such convergence comes risk associated with managing OT, as OT devices are no longer isolated from IT assets and their controls. Organizations need to start planning for managing these risks, as ransomware attacks are becoming more present for OT, as well.
Lansweeper OT
Lansweeper OT enables organizations to scan, detect and identify a wide range of OT devices from popular manufacturers such as Siemens, Rockwell Automation, Mitsubishi Electric and Schneider Electric. IT teams can quickly and easily create a complete and accurate OT asset inventory, appended with detailed information such as manufacturer, model, serial number, firmware versions and more. This information can be used to plan and manage maintenance, identify and remediate firmware vulnerabilities, and ensure OT systems and devices are protected and up to date at all times.
A common asset type in OT is an Industrial Control System (ICS), which is a mission-critical application with a high availability requirement, typically managed using Programmable Logic Controllers (PLCs). ICS's are used in most industrial processes and are integral to the manufacturing infrastructure.
Examples of OT Assets that can be scanned
- Programmable Controllers (PLC's)
- Remote Terminal Units (RTU's)
- Remote IO
- Building Management and Building Automation Systems, (BMS/BAS)
- Lighting controls both for internal and external applications
- Energy monitoring
Scanning Target Methods
There are three different methods of scanning the environment; Default, Advanced, and Import.
1-Default
The default method is more designed for discovery. It will quickly discover devices on the network through an IP address (CIDR formats are accepted). You can not specify specific ports or protocols to scan while using the default method. The default flow is also the recommended flow because if we are able to identify the device with a single ARP request, we only use the matching protocol. So it generates less traffic.
2-Advanced
The advanced scanning method is more customizable. You select the IP or IP range (CIDR formats accepted), schedule scans, assign specific ports/protocols to probe. Each protocol has been configured and programmed to carefully query the device without causing issues however it will generate more traffic then the default flow. Our advice is to only use the advanced flow on small ranges and if you know what you are doing.
3-Import
The import feature allows you to download a template to fill in with all your scanning target details. This document can be imported and scanning initiated. This templated-import process helps to speed the installation and setup process.
Note: Lansweeper's OT scanner is not appropriate for healthcare or Medical IoT. Please refer to Lansweeper's IT scanners for this use case.
Vendor Coverage
The OT sensor currently supports 13 protocols for the following vendors:
| Siemens |
ABB |
General Electric |
Moxa |
Itron |
| Schneider Electric |
Honeywell |
Wago |
Phoenix Contact |
Vipa |
| Fanuc |
Omron |
Rockwell |
Red lion Controls |
And more ... |
| Mitsubishi |
Beckhoff |
Lantronix |
Sick |
|
To learn more about supported vendors and devices with their protocols, you can reference: OT supported protocols
What information does Lansweeper detect for OT Assets?
Data that Lansweeper can retrieve are:
| Host name |
MAC address |
Manufacturer |
Protocol |
Bus configuration |
| IP address |
Serial |
Model |
Firmware version |
Device type |
