FortiGuard Industrial Security Service
Specialized Intrusion Prevention for OT EnvironmentsContact Us
The FortiGuard Industrial Security Service provides specialized intrusion prevention system (IPS) signatures to detect and block malicious traffic targeting applications and devices in manufacturing, plant, safety, and other operational technology (OT) environments. Combined with a FortiGate NGFW, malicious network traffic is blocked before causing harm by threat actors seeking to control or disrupt operations. In addition, the service can act as a virtual patch to provide immediate security protection until a vendor patch can be developed and deployed.
The FortiGuard Industrial Security Service, deployed with FortiGate NGFWs and fueled by threat intelligence and a stream of new signatures from FortiGuard Labs, performs passive deep packet inspection (DPI) of your industrial network traffic to detect and block threats.
The FortiGuard Industrial Security Service offers protection for OT devices such as PLCs, RTUs, and HMIs and associated applications as a result of signature development conformant to common OT protocols.
The service can perform virtual patching of unprotected applications while awaiting a patch. Also, Fortinet works closely with automation and control system vendors to develop OT IPS signatures to address known vulnerabilities in their platforms.
Today’s industrial cyber threats dictate that an OT/ICS IPS do more to protect an expanding network edge. The FortiGuard Industrial Security Service takes traditional OT/ICS IPS capabilities to the next level, providing coverage for the following use cases:
Organizations with plant, manufacturing, facilities, and other industrial networks can analyze network traffic at scale to detect and block both known and suspicious network-based attacks targeting their OT applications and devices.
Organizations can accelerate protection in near real-time across their broader security infrastructure, stopping further infection when a new threat is detected.
Organizations can shorten security exposures when vendor patches, and the time necessary to conduct the patch, are delayed.