Solution Architecture

OT Security Components

Note: In this document, the OT Security Appliance is referred to as ICP (Industrial Core Platform).

The OT Security solution is composed of these components:

  • Tenable OT Security Enterprise Manager (OT Security EM) — This component collects data from OT Security at multiple sites, enabling you to configure, manage, control, and report on everything that happens across your OT enterprise. The OT Security EM can be deployed on premises as part of your NOC/SOC on a dedicated appliance (same model as the on-site OT Security appliance), or it can be deployed on a private or public cloud such as a virtual machine or AWS cloud service.

  • ICP (OT Security Appliance)— This component collects and analyzes the network traffic directly from the network (via a span port or network tap) and/or using a data feed from the Tenable OT Security Sensor (OT Security Sensor). The ICP appliance executes both the Network Detection and Active Query functions.

  • OT Security Sensors — These are small devices deployed on network segments that are of interest, up to one sensor per managed switch.OT Security sensors provide full visibility into these network segments by capturing all the traffic, compressing the data and then communicating the information to the OT Security appliance. You can configure Sensors version 3.14 and later to send out active queries to the network segments on which they are deployed.

Network Components

OT Security supports interaction with the following network components:

  • OT Security user (management) — You can create user accounts to control access to the OT Security Management Console. You can access the Management Console through a browser (Google Chrome) via a secure socket-layer authentication (HTTPS).

Note: You can only access OT Security user interface from the latest version of Chrome.