Pair ICP with Enterprise Manager
You can pair your Industrial Core Platform (ICP) with OT Security EM and manage all your sites.
Before you Begin
Make sure that:
-
OT Security EM can connect via API to the ICP.
-
SSH connection exists between ICP and OT Security EM in both directions.
-
HTTPS connections exist between ICP and OT Security EM.
Use the following curl commands to verify the SSH and HTTPS connections:
-
From OT Security EM, run:
curl -v telnet://<ICP_IP>:22 -
From ICP, run:
curl -v telnet://<ICP_IP>:22 -
From OT Security EM, run:
curl -k https://<ICP_IP> () -
From ICP, run:
curl -k https://<IEM_IP>
To pair ICP with OT Security EM:
-
Create a pairing object on the OT Security EM for each system you want to connect.
Make sure the .bin file is a unique name, as you need to call it later.
Copysudo /home/indegy/tools/klee --user <IEM_USER> --password <IEM_USER_PASSWORD> --url https://<IEM_IP> iem pairing create --outfile /home/indegy/<pairing_icp_name>.binWhere:
-
IEM_User is the user ID of the system.
-
IEM_User_Password is the password of the system.
-
IEM_IP is the IP address of the system.
-
pairing_icp_name is the name of the .bin file.
-
-
Attach to the ICP from the OT Security EM.
Copysudo /home/indegy/tools/klee --url https://<ICP_IP> --user <ICP_USER> --password <ICP_USER_PASSWORD> iem attach --infile /home/indegy/<pairing_icp_name>.binWhere:
-
ICP_IP is the IP address of the ICP.
-
ICP_User is the user ID of the ICP.
-
ICP_User_Password is the password of the ICP.
-
pairing_icp_name is the name of the .bin file.
-
-
To confirm that the pairing is succeeded, run the following command from OT Security EM:
Copysudo ./klee --user <IEM_USER> --password <IEM_USER_PASSWORD> --url https://<IEM_IP> iem statusOT Security EM pairs with the ICP and you can start managing your sites.
Cancel a Pairing Process
To cancel or delete a pending pairing process:
-
From OT Security EM, run this command:
Copysudo ./klee --url https://<IEM_URL> --user <IEM_USER>--password <IEM_USER_PASSWORD> iem pairing delete