Get Started with VMDR OT
Qualys VMDR OT provides comprehensive visibility and vulnerability management for critical infrastructure across all industrial network layers - Control, Supervisory, and Site Operations.
Industrial IoT (IIOT) and smart manufacturing greatly enhance Overall Equipment Efficiency (OEE) and cost savings. However, they also increase enterprises’ exposure to cyber-attacks due to rapid digitization and newly established inter-connectivity between previously air-gapped industrial environments and enterprise networks. Industrial assets have higher availability and reliability requirements. Their functioning round the clock and malfunction can potentially lead to significant physical safety incidents. Qualys provides a single platform and a single pane of glass for all IT & OT Asset Inventory, Vulnerabilities Management, Policy Audit/Policy Compliance, and OT Endpoint based Threat Detection and Response.
Typically, industrial processes are supported by multiple equipment manufactured by different industrial vendors and powered by varied industrial protocols such as Ethernet/IP, Modbus TCP, Siemens S7 Comm, S7Comm Plus, Profinet, BACnet, and DNP3, among others. Many of these protocols are insecure by design, lacking basic authentication and encryption, so it is even more critical to have visibility and regular risk assessments conducted in these environments.
Know the Requirements
VMDR OT application can be accessed with a subscription to VMDR, Cyber Security Asset Management (CSAM) and Qualys Network Passive Sensor (NPS) applications.
Get Started!
VMDR OT is powered by Qualys Network Passive Sensor. It continuously monitors all network traffic and flags any asset activity. It identifies and profiles devices the moment it is connected to the network.
Qualys Network Passive Sensor (NPS) identifies assets in an industrial environment that can’t be actively scanned. Qualys Network Passive Sensor (NPS) enriches existing asset inventory with additional details, such as recent open ports, traffic summary, network services, and applications. This helps to gain a deeper understanding of an asset and its activity on the network in real-time.
Discover Assets and Collect InventoryDiscover Assets and Collect Inventory
Once Qualys Network Passive Sensor is deployed and configured in the network, it starts passively listening to the network traffic and creating assets based on the information dissected from the traffic. For more details on deployment, refer to Deploying Qualys Network Passive Sensors.
Over the period, with various asset activities seen on the wire, the passive sensor will continue to enhance the asset inventory attributes with additional contextual information. The time taken for a complete asset context to be built is based on the type of industrial protocol and the type of activities performed in the environment.
Start generating traffic required for device identity and retrieve device information from the programming software you use to configure and manage your network devices. For steps to generate this traffic, refer to the Device Discovery Documents.
Asset inventory can also be created using ICS Out of band configuration assessment using the project files collected from programming and maintenance software. For more details on generating the project file from programming and maintenance software, refer to Generating a Project File. To upload the project files and to view the details of imported asset inventory, refer to the Import Asset tab
Detect and MonitorDetect and Monitor
Qualys Network Passive Sensor monitors network activity without any active probing of devices to detect active assets in the network. The ICS asset inventory is continuously updated depending on the asset activities flagged by the Qualys Network Passive Sensor. For information about the ICS asset inventory, refer to Viewing Asset Details.
To view network traffic that displays the communication between server and client in the network, refer to Network Tab.
Vulnerabilities on your ICS assets are detected and listed in the Vulnerabilities tab.
We have the most up-to-date KnowledgeBase of vulnerabilities in the security industry, and it's continuously getting updated. For more details, refer to Viewing KnowledgeBase.
Visualize the Assets and Vulnerability Postures on the Dashboard
Customizable Dynamic Dashboards
Dashboards help you visualize your assets, see your threat exposure, leverage saved searches, and quickly fix the priority of vulnerabilities.
Qualys VMDR OT integrates with Unified Dashboard (UD) to bring information from all Qualys applications into a single place for visualization. UD provides a powerful, new dashboarding framework and platform service that will be consumed and used by all other products to enhance the existing dashboard capabilities.
Qualys VMDR OT offers several dashboards out-of-the-box. Each dashboard displays a short description of the information it offers. You can also easily configure widgets to pull information from other modules/applications and add them to your dashboard. You can add as many dashboards as you like to customize your view.
For more information, refer to the Unified Dashboard help.
Global Dashboard Permissions
Your access to Unified Dashboard depends on the Admin utility's global permissions granted to you. Refer to the Online Help in the Admin utility for information on Global Dashboard Permissions.
When you assign the Global Dashboard permissions to a role, the Global Dashboard permissions override the module-specific dashboard permissions. As a result, the module-specific dashboard permissions are ignored.