Partner Solutions

RAM2 - Cisco Integration

OTORIO RAM2 manages cyber risks and keeps your production lines safe and operational. The RAM2 - Cisco integration generates insights on how to prevents risks. 

RAM2, OTORIO’s next generation Security Orchestration, Automation, and Response (SOAR) platform, maximizes the capabilities of Cisco’s Industrial Security Appliances.

The RAM2-Cisco Integration provides continuous cyber risk assessment of the OT network using Cisco Syslogs. The OTORIO security engine correlates events from Cisco with data and events from multiple security and industrial systems to generate insights about how to prevent risks.

Integration Benefits

  • Maximizes the capabilities of the Cisco firewall installed base
  • Improves visibility by providing asset inventory of the firewalls themselves and the assets behind them
  • Protects your network by monitoring activities and detecting suspicious behavior and correlating it with other events
  • Reduces risks with attack graph simulation that provides prioritized mitigation actions for proper segmentation and risk reduction

 

Use Cases:
Segmentation Assessment

RAM2 creates a digital twin of the OT network and uses it to simulate cyber attacks to evaluate and prioritize the risks to operational continuity. For each of the risks, RAM2 generates accurate mitigation recommendations for proper segmentation and risk reduction. It combines the network topology with information about asset vulnerabilities and the potential impact of an attack on each asset. The actual firewall rules from Cisco’s firewall are analyzed for an accurate analysis of the attack graph and provides suggestions for configuration changes.

Detection of Suspicious Activity

RAM2 monitors remote access and raises alerts about suspicious authentications (failures or activity during unexpected hours) to the factory by an employee or maintenance team. By correlating events from Cisco firewalls with data from additional sources, RAM² identifies malicious patterns and adds important industrial context that reflects potential impact on operational continuity.

OTORIO’s RAM2 Solution

OTORIO RAM2 is a centralized, simplified, and automated industrial digital and cyber risk management solution. It is an unparalleled, industrial SIEM & SOAR platform, drawing from industrial and security data sources to automate and coordinate converged IT-OT security tasks for rapid remediation and response. The RAM2 platform integrates seamlessly with a variety of production floor data sources (e.g., antivirus and firewall) and uses an industrial-intuitive UX/UI that can be operated by production operational personnel.

loader
×

OTORIO website uses cookies. By continuing to browse the site you are agreeing to our use of cookies. For more details about cookies and how to manage them, see our cookie policy.

Continue