Magazine Button
European Gas Infrastructure Company Implements Network Monitoring

European Gas Infrastructure Company Implements Network Monitoring

The company carried out the first ICS/SCADA network monitoring installation in 2012, making it an outstanding front-runner among critical infrastructure organizations worldwide.

The Objective

Implement a solution to achieve continuous situational awareness, validate network and operational changes, and detect known and unknown cyberattacks before they impact the national gas infrastructure.

The Challenge

The project involves both legacy OT systems and technology, and traditional IT networks and protocols. Therefore, the desired solution must: • Identify ICS devices and understand proprietary ICS protocols, as well as custom extensions of standard ones. • Analyze in full depth IT protocols to detect both known and zero-day attacks. • Define a baseline of normal operations for both ICS networks and dynamic back office networks. • Validate network and operational changes and alert in real-time for undesired network activity.

The Solution

SilentDefense detected the operational scenarios and cyber attacks simulated during the on-site proof of concept, and was chosen to monitor both the HMI network of gas storage sites and the gas distribution pipeline. Currently, SilentDefense monitors more than 400 IT systems and servers and  thousands of RTUs scattered across the country.

The Results

Among the daily operational insights provided by SilentDefense to the company’s operators, it identified two critical network and device misconfigurations which had a direct impact on the process and the company’s disaster recovery procedures: • Inconsistencies between production and acceptance network blueprints. Seeing as the acceptance network blueprint was to be used for recovery in the case of network failures, the result would have been an incorrect and possibly unpredictable operation of the gas infrastructure. • RTUs not configured correctly by the vendor and reporting invalid values for customized fields of a standard SCADA protocol. As a result of the invalid values, the SCADA server could not guarantee accurate calculations and forecasting.

Click below to share this article

Please fill the form below to view the content.

    *Required fields
    First Name *
    Last Name *
    Email *
    Company *
    Industry Sector *
    Country *
    Phone Number *
    Temporary Phone Number *

    Please provide the phone number you can be reached at whilst the world adapts to the COVID-19 outbreak, if different from your regular phone number, in the box below.

    Job Title *
    Company Size *

    In order to be able to provide you with the most relevant data, can you please answer the questions below:
    What are your current priorities with regards to cyber security?
    Did you shift priorities due to the COVID-19 outbreak?
    Which of the following areas do you feel are a business need for your company? – tick all that apply
    Device visibility - know what is connected to your IT/OT network real timeAsset management - to accurately secure connected devicesDevice compliance - to evaluate and ensure complianceNetwork Access Control - to control access easy and simpleNetwork segmentation - to confidently segment your networkIncident response - to respond and remediate quicklyNone of the above

    Yes, I authorize Forescout to receive my personal contact details data for the purpose of sending Forescout information on products, services, and/or events. For more information, please view the Forescout privacy policy here: https://www.forescout.com/privacy-policy/
     
     

    Browse our latest issue

    Intelligent CISO

    View Magazine Archive