Connect OT Security to the Network

You can use OT Security for both Network Monitoring and Active Query. For more information, see Network Considerations.

  • Network Monitoring — Connect the unit to a mirroring port on the network switch connected to the appropriate controllers/PLCs.

  • Active Query — Connect the unit to a regular port that has an IP address on the network switch connected to the appropriate controllers/PLCs.

In the default configuration, the Active Query and the Management Console use the same port on the unit (Port 1). However, after the initial setup, you can separate the Management port from the Active Query port, by configuring management on Port 3. After this configuration, you can connect Port 3 on the unit to a regular port on the switch to perform the management as described in Connect the Separate Management Port (Port Separation).

For the initial setup, connect Port 1 to a regular port on the network switch and connect Port 2 to a mirroring port.

To connect the OT Security appliance to the network:

  1. On the OT Security appliance, connect the Ethernet cable (supplied) to Port 1.

  2. Connect the cable to a regular port on the network switch.

  3. On the unit, connect another Ethernet cable (supplied) to Port 2.

  4. Connect the cable to a mirroring port on the network switch.

If you deployed the appliance using the .ova file, the appliance comes pre-configured with four network interfaces.

If you deployed a custom virtual appliance using the .iso file, make sure to configure the virtual machine as per the requirements described in System Requirements. For more information on configuring networking on VMware virtual machines, see the VMware documentation.