Management Console UI Elements

The OT Security Enterprise Manager Management Console (UI) provides easy access to enterprise-wide data that was discovered by the OT Security appliances at the various sites. This data relates to asset management, network activity and security events. The OT Security Enterprise Manager also enables you to configure and manage the OT Security appliance for each of your sites.

This chapter gives a brief overview of the UI elements. Details about specific UI functionality are provided in Using OT Security Enterprise Manager in Site Mode and Using OT Security Enterprise Manager in Enterprise Mode.

Site and Enterprise Modes

The OT Security Enterprise Manager UI has two different modes of operation, Site mode and Enterprise mode. Select the desired mode at the top of the Main Navigation pane.

Site Mode

In Site mode, the UI shows data for one particular site. In this mode, the OT Security Enterprise Manager user is logged in as an admin, with full access to all OT Security functionality (such as viewing data, configuring Policies and adjusting system settings) except for creating and managing local users. For a complete explanation of the procedures for using the OT Security Enterprise Manager in Site mode see the Using OT Security Enterprise Manager in Site Mode.

Enterprise Mode

In Enterprise mode, the UI shows information about each of your appliances. You can also view and adjust the local EM settings, including local user management. For an explanation of the data shown and the actions available in Enterprise mode see Using OT Security Enterprise Manager in Enterprise Mode.

Main UI Elements

The following table describes the Main UI elements which are shown at all times.

UIElement

Description
Mode Selection Select a mode: select "EM" for Enterprise mode or select a particular site for Site mode.

Main Navigation

Main navigation menu. Click on the icon to show/hide the main navigation menu

Current Date and Time

Shows the current date and time as registered in the system.

Current User

Shows the name of the user who is currently logged into the system. Click on the down arrow for a selection menu. Menu options are About (shows software info) or Logout.

Version Info

Shows the software version OT Security Enterprise Manager.
Main Screen Displays the screen that was selected in the Main Navigation.
Dark Mode/Daylight Mode Changes the display color scheme to Dark mode or Daylight mode.
Export Downloads a PDF of the dashboard.

Main Screens

The UI has several main screens that can be accessed from the Main Navigation. The following is a brief description of the various screens.

Enterprise Screens

When Enterprise mode (EM) is selected, the following navigation options are available:

  • Dashboards - view widgets containing graphs and tables that give an at-a-glance view of your entire enterprise’s inventory and security posture based on aggregated data from your Sites. There are separate dashboards for Risk, Inventory, and Events and Policies. See the Dashboards section.

  • Appliances – displays info about each of the sites connected to the EM. See the Appliances Screen section.

  • Local Settings – view and configure the EM settings, and view and generate a certificate for secure HTTPS connections for the EM. See the Local Settings section.

  • User Management – view and configure users for the EM. See the Users and Roles section.

  • System – displays system-level options (e.g. Factory Reset, Download Diagnostics Data, Restart, and Shut Down). See the Syslog Servers

Site Screens

When Site mode is selected, the following navigation options are available for the specified site:

  • Dashboards - view widgets containing graphs and tables that give an at-a-glance view of your Site’s inventory and security posture. There are separate dashboards for Risk, Inventory, and Events and Policies. See Chapter Dashboards in the OT Security User Guide.

  • Events – shows all Events that have occurred, as a result of Policy hits, in the system. There is a screen for viewing All Events as well as separate screens for viewing Events of each specific type (Configuration Events, SCADA Events, Network Threats or Network Events). See Chapter Events in the OT Security User Guide.

  • Policies – view, edit and activate Policies in the system. See Chapter Policies in the OT Security User Guide.

  • Inventory – displays an inventory of all the discovered assets, allowing comprehensive asset management, monitoring of the status of each asset, and viewing their related Events. There is a screen for viewing All assets as well as separate screens for viewing assets of specific types (Controllers and Modules, Network Assets and IoT). See Chapter Inventory in the OT Security User Guide.

  • Network Map – shows a visual representation of the network assets and their connections throughout time.

  • Vulnerabilities – shows a detailed list all the threats in the network detected by OT Security Plugins, and provides recommended remediation steps. This section includes CVEs as well as other threats to the assets in your network (e.g. obsolete operating systems, usage of vulnerable protocols, vulnerable open ports, etc.).

  • Network – provides a comprehensive view of the network traffic by showing data about conversations that took place between assets in the network over time. See Chapter Network in the OT Security User Guide. The information is shown on three separate screens:

    • Network Summary - shows an overview of network traffic

    • Packet Captures - shows full-packet captures of network traffic

    • Conversations – shows a list of all conversations detected in the network, with details about the time that it occurred, involved assets etc.

  • Groups – view, create and edit Groups, which are used in Policy configuration. See Chapter Groups in the OT Security User Guide.

  • Local Settings – view and configure the system settings. See Chapter Local Settings in the OT Security User Guide.

Turning On/Off Dark Mode

The user may use the Dark Mode color scheme on all screens by toggling the Dark Mode switch.

To turn on/off Dark Mode:

  1. Click the Dark Mode button at the top of the screen to turn on Dark Mode.

    The setting is applied to all screens and the Daylight Mode button is shown.

  2. To restore the Daylight Mode setting, click the Daylight Mode button.

Exporting the Dashboard

The Export button of the Dashboard screen exports a PDF with each Dashboard widget on a separate page.

To export the Dashboard:

  1. In the top-right corner of the Dashboard, click the Export button ().

    The PDF downloads automatically to the default download folder.

    Note: Make sure to leave the Dashboard tab open in your browser while the PDF download is in progress (2-3 seconds).

  2. Navigate to the file that was just downloaded to view or share it.

Working with Lists

The various OT Security screens display the data relevant to that screen in table format with a record for each item. These tables have standardized customization features such as showing/hiding columns and filtering and sorting results.

For a full explanation of the methods of interacting with tables, see Working with Lists in the OT Security User Guide.