Local Settings

The Local Settings section in OT Security includes most of the configuration pages for OT Security. The following pages are available under Local Settings:

Active Queries — Activate/deactivate query functions and adjust their frequency and settings. See Active Queries.

Sensors — View and manage sensors, approve or delete incoming Sensor pairing requests, and configure Active Queries performed by Sensors. See Sensors.

System Configuration

  • Device — View and edit device details and network information. For example, system time, automatic logout (that is, inactivity timeout).

    Note: You can configure DNS servers in Tenable Core. For more information, see Manually Configure a Static IP Address in the Tenable Core + Tenable OT Security User Guide.

  • Port Configuration — View how the ports on the device are configured. For more information on Port Configuration, see Device.

  • Updates — Perform updates of plugins either automatically or manually through the cloud, or offline.

  • Certificate— View information about your HTTPS certificate and ensure a secure connection by either generating a new HTTPS certificate in the system or uploading your own. See System Configuration.

  • API Keys — Generate API keys to enable third-party apps to access OT Security via API. All users can create API keys. The API key has the same permissions as the user that created it, according to their role. An API key is shown once, when it is first generated; you must save it in a secure location for later use.

  • License — View, update, and renew your license. See License.

Environment Configuration

  • Asset Settings

    • Monitored Network — View and edit the aggregation of IP ranges in which the system classifies assets. See Monitored Networks.

    • Update Asset Details Using CSV — Update the details of your assets using a CSV template.

    • Add Assets Manually — Add new assets to your assets list using a CSV template. See Add Assets Manually.

    Note: The maximum number of IP ranges that can be sent to the Tenable Nessus Network Monitor is 128, therefore Tenable recommends not exceeding this limit. In addition to the specified IP ranges, any host within the OT Security platform’s subnets or any activity performing device is classified as an asset.

    • Hidden Assets — View a list of hidden assets in the system. These are assets removed from the asset listings, see Inventory. You can restore hidden assets from this page.

    • Custom Fields — Creates custom fields to tag assets with relevant information. The custom field can be plain text or it can be a link to an external resource.

    • Event Clusters — Allows you to cluster together multiple similar events that occur within a designated time range for monitoring them. See Event Clusters.

    • PCAP Player— Allows you to upload a PCAP file containing recorded network activity and “play” it on OT Security, loading the data into your system. See PCAP Player.

  • Users and Roles — View, edit, and export information about all user accounts.

    • User Settings — View and edit information about the user who is currently logged into the system (Full Name, Username, and Password) and change the language used in the user interface (English, Japanese, Chinese, French, or German).

    • Local Users — An administrator user can create local user accounts for specific users and assign a role to the account, see User Management.

    • User Groups — An administrator user can view, edit, add, and delete user groups. See User Management.

    • Authentication Servers — User credentials can optionally be assigned using an LDAP Server, such as Active Directory. In this case, user privileges are managed on the Active Directory. See User Management.

  • Integrations — Set up integration with other platforms. OT Security currently supports integration with Palo Alto Networks Next Generation Firewall (NGFW) and Aruba ClearPass, as well as with other Tenable products (Tenable Security Center and Tenable Vulnerability Management). See Integrations.

  • Servers — View, create, and edit servers configured in your system. Separate screens are available for:

    • SMTP Servers — SMTP servers enable Event notifications to be sent via email.

    • Syslog Servers — Syslog servers enable Event logs to be logged on an external SIEM.

    • FortiGate Firewalls — The OT Security-FortiGate integration allows you to send firewall policy suggestions to a FortiGate firewall based on the OT Security network events.

  • System Actions — Shows a sub-menu of system activities. The sub-menu includes the following options:

    • Factory Reset — Returns all settings to the factory default settings.

      Caution: This operation cannot be undone and all data in the system will be lost.

      The following options are now available from Tenable Core:

      • System BackupStarting in 3.18, you can take a backup and restore your OT Security using the Backup/Restore page in Tenable Core. For more information, see Application Data Backup and Restore.To restore using CLI, see Restore Backup Using CLI.
      • Export Settings — Export OT Security platform configuration settings as an .ndg file to the local computer. This serves as a backup in case of a system reset or to import to a new OT Security platform.

      • Import Settings — Imports OT Security platform configuration settings saved as an .ndg file on the local computer.

      • Download Diagnostic Data — Creates a file with diagnostic data on the OT Security platform and stores it on the local computer.

      • Restart — Restarts the OT Security platform. This is needed for activation of certain configuration changes.

      • Disable — Disable all monitoring activities. You can reactivate the monitoring activities at any time.

      • Shut Down — Shuts down the OT Security platform. To power on, press the Power button on the OT Security appliance.

  • System Log — Shows a log of all system events that occurred in the system. For example, Policy turned on, Policy edited, Event Resolved, and so on. You can export the log as a CSV file or send it to a Syslog server. See System Log.