Viewing Asset Details in VMDR OT

On the Assets tab, you get a detailed consolidated view of your industrial assets. These devices in your industrial network are discovered and profiled by the Qualys Network Passive Sensor.

While this real-time asset inventory provides you with details related to asset metadata, it also helps you gauge the security posture of your industrial IT environment and mitigate the risk of potential cyber security threats by managing vulnerabilities well in advance.

Consolidated view of ICS asset inventory

In the upper left corner, you see the total count of the industrial assets in your network.

In the search bar, you can build QQL queries to narrow down the scope of your asset search by using the supported search tokens. For more information, see Search Tokens for VMDR OT.

Right below the asset count, you see the assets grouped into two major categories: Equipment Type and Vendor. The Qualys Network Passive Sensor supports all the prominent industry protocols. As soon as it starts sniffing and analyzing the network traffic data, it categorizes these assets and thus, you get your assets listed based on their equipment type (for example, Programmable Logic Controller, Human Machine Interface, I/O Module, OT and Distributed Control System, among others) and vendor (for example, Siemens, Rockwell Automation, Cisco Systems, WAGO, and Samsung, among others). After you click a category in this list, your selection gets translated into a QQL query in the search bar. The assets that belong to the selected category are displayed in the assets table.

Search narrowed down to view PLCs only.

Using the date and time range selector next to the search bar, you can select to view assets discovered within a specific time period.

Date time range picker.

The assets table contains the list of discovered assets along with the following details:

- Asset name

- Hardware type of the asset

- Vendor/Model number

- When the asset activity was last detected on the network

- Risk score of the asset

- Vulnerabilities detected on the asset

- Asset tags

If you are interested in viewing granular details of an asset, click the asset name. The Asset Details page contains asset information divided into various sections. The following table contains details that you see on each tab in each section:

Section

Tab

Asset Information

INVENTORY

Summary

Asset metadata such as asset name, ID, IP address, MAC address, equipment type, Purdue level, industry protocol based on which the Qualys Passive Sensor discovers the asset, device ID, location of the asset, vendor ID, Hardware cataloged, description, and activities like first passive scan details and last passive scan details etc.

System Information

Manufacturer details, MAC manufacturer, model number, serial number,  operating system, firmware version, hardware version, order ID, product code, add-on details, protocol-specific information etc.

NETWORK

Network Information

Interface details such as IPv4 address, IPv6 address, MAC address, MAC manufacturer, domain details, DNS server details, default gateway and protocols talking to devices on each interface.

Network Map

View the network mapping for the selected asset.

Open Ports

List of open ports and services running on those ports.

Traffic Summary

Traffic flow details for an asset. These may include a date-wise traffic volume summary for the client to server (CTS) and server to client (STC), traffic categorized by family and volume.

SECURITY

Vulnerabilities

Summarized view for potential and confirmed vulnerabilities on the asset.

SENSORS

Passive Sensor

Details of Qualys Passive Sensor that discovered the asset.

Industrial OCA

Details of Industrial OCA information regarding the asset.

 

Below the search bar, your assets are grouped under four categories: devices with a high-risk score, devices on which vulnerabilities are detected, devices discovered by Qualys Network Passive Sensor within the past 24 hours, and devices on which no activity has been detected for the past seven days. Click each of these cards and get your assets listed by the selected category.

Clickable categories for asset listing

Related Topics

Asset Inventory

Device Discovery Documents

Generating a Project File

Importing Assets