Local Settings

The various settings screens are listed under Local Settings in the Main Navigation.

The following is a brief description of the information shown and actions available in each of the tabs.

Queries – activate/de-activate Query functions and adjust their frequency and settings. Queries are divided into separate screens for Asset Discovery, Controller and Network. See Queries.

System Configuration

  • Device – view and edit device details and network information (e.g. system time, DNS Servers, automatic logout (i.e. inactivity timeout)).

  • Sensors – view and manage Sensors, approve or delete incoming Sensor pairing requests, and configure Active Queries performed by Sensors. See Sensors.

  • Port Configuration – view how the ports on the device are configured. For more information on Port Configuration, see Installing the OT Security Appliance > Step 4 – Setup Wizard > SCREEN 2 – DEVICE.

  • Updates – perform updates of Plug-ins either automatically or manually through the cloud, or offline.

  • Certificate – view info about your HTTPS certificate and ensure a secure connection by either generating a new HTTPS certificate in the system or uploading your own. See Certificate.

  • API Keys – generate API keys to enable 3rd party apps to access OT Security via API. All users can create API keys. The API key will have the same permissions as the user that created it. According to their role. An API key is shown once, when it is first generated; the user must save it in a secure location for later use.

  • License – view, update and renew your license. See License.

Environment Configuration

Asset Settings

  • Monitored Network – view and edit the aggregation of IP ranges in which the system classifies assets.

  • Update Asset Details Using CSV – Update the details of your assets using a CSV template.

  • Add Assets Manually – Add new assets to your assets list using a CSV template.

Note: The max. number of IP ranges that can be sent to the Tenable Nessus Network Monitor is 128, therefore we recommend not exceeding this limit. In addition to the specified IP ranges, any host within the OT Security platform’s subnets or any Activity performing device will be classified as an asset.

  • Hidden Assets – view a list of assets that were hidden in the system (i.e. which the user chose to remove from the asset listings), see Inventory. You can restore hidden assets from this screen.

  • Custom Fields – you can create custom fields to tag Assets with relevant info. The custom field can be plain text or it can be a link to an external resource.

  • Event Clusters – enables you to cluster together multiple similar events that occur within a designated time range in order to facilitate monitoring them. See Event Clusters.

  • PCAP Player – enables you to upload a PCAP file containing recorded network activity and “play” it on OT Security, loading the data into your system. See PCAP Player.

Users and Roles – view, edit and export information about all user accounts.

  • User Settings – view and edit information about the User who is currently logged into the system (Full Name, Username and Password) and change the language used in the User Interface (English, Japanese, Chinese, French or German).

  • Local Users – An Admin user can create local user accounts for specific users and assign a Role to the account, see Users and Roles.

  • User Groups – An Admin user can view, edit, add and delete user groups. See Users and Roles.

  • Authentication Servers – User credentials can optionally be assigned using an LDAP Server, such as Active Directory. In this case, user privileges are managed on the Active Directory. See Users and Roles.

  • Integrations – set up integration with other platforms. OT Security currently supports integration with Palo Alto Networks Next Generation Firewall (NGFW) and Aruba ClearPass, as well as with other Tenable products (Tenable Security Center and Tenable Vulnerability Management). See Integrations.

  • Servers – view, create and edit servers configured in your system. Separate screens are shown for:

    • SMTP Servers –SMTP servers enable Event notifications to be sent via email.

    • Syslog Servers – Syslog servers enable Event logs to be logged on an external SIEM.

    • FortiGate Firewalls – The OT Security-FortiGate integration allows users to send firewall policy suggestions to a FortiGate firewall based on the OT Security network events.

  • System Actions – shows a sub-menu of system activities. The sub-menu includes the following options:

    • System Backup – enables you to back up your OT Security appliance (except packet capture data). To restore the system from a backup file, please contact https://www.tenable.com/products/tenable-ot. Please note that during the backup process OT Security will be unavailable to all users.

    • Export Settings – export OT Security platform configuration settings as an .ndg file to the local computer. This will serve as a backup in case of a system reset or to import to a new OT Security platform.

    • Import Settings – imports OT Security platform configuration settings that have been saved as an .ndg file on the local computer.

    • Download Diagnostic Data – creates a file with diagnostic data on the OT Security platform and stores it on the local computer.

    • Restart – restarts the OT Security platform. This is needed for activation of certain configuration changes.

    • Disable – disable all monitoring activities. You can reactivate the monitoring activities at any time.

    • Shut Down – shuts down the OT Security platform. To power on, press the Power button on the OT Security appliance.

    • Factory Reset – returns all settings to the factory default settings. Warning: this operation can’t be undone and all data in the system will be lost.

  • System Log – shows a log of all system events (e.g. Policy turned on, Policy edited, Event Resolved etc.) that occurred the system. You can export the log as a CSV file or send it to a Syslog server. See System Log.