Common Questions

ConsoleWorks

ConsoleWorks is an OT Operations & Security Control Platform, unifying policy based Role Based Access Control (RBAC), Access Control, Configuration Monitoring, Logging & Log Aggregation, Event Monitoring and Remediation, Asset Inventory and Intelligence, and Security / Compliance Risk Analysis.

By fusing real-time asset intelligence with deep configuration awareness, ConsoleWorks delivers more than information — it provides security, compliance, and operational context. Combine that with built-in secure remote access and automated policy enforcement, and ConsoleWorks becomes an active participant in your operational, security, and compliance workflows — not just an observer.

Access Control / Privileged Interactive Access – ConsoleWorks controls access by allocating specific permissions/ privileges to a user based on the ConsoleWorks Role-Based Access Control (RBAC) permission model. The permission model specifies which assets a user may access and at what level of privilege they may access those systems. ConsoleWorks supports command-by-command privilege grants for absolute control over electronic access.

The ConsoleWorks solution supports integration with an IAM solution and supports RBAC from an Active Directory server. The product was designed with the open ability to integrate its authorization/ authentication services with other technologies, as well.

In addition to command line sessions, ConsoleWorks has the ability to capture complete recording and playback capabilities for privileged user sessions, across RDP/VNC and even web applications. Users gain a complete, detailed account of what happened on sensitive systems, and who performed a specific activity.

Asset, Patch & Configuration Monitoring – The overriding purpose of configuration monitoring and management is to maintain asset configurations at a known state that have the highest level of security. ConsoleWorks automates the collection, comparison, alert/notification and auditing of any changes to configurations, eliminating the majority of human errors and minimizing the impact of intentional or unintentional erroneous activity.

Endpoint Password Management – From one central location, ConsoleWorks can be configured to schedule automatic password changes and set reset date warnings to meet compliance standards. Operationally, it can recover or change a password securely. When passwords are changed or recovered (for example, in the event of an emergency), notifications can be configured warning the appropriate personnel that it has occurred. The ability to change passwords on demand are controlled through ConsoleWorks granular Access Control Rules.

Logging & Situational Awareness (Logging and Monitoring) – ConsoleWorks can monitor and manage almost any application or infrastructure interface – including routers, switches, servers, firewalls, virtual machines, PLCs, RTUs, appliances, applications and networks – to provide the most comprehensive record possible.

Event Monitoring – ConsoleWorks watches for messages, or Events, in the data streams of all the devices and applications it manages. When ConsoleWorks detects an Event, it alerts the appropriate personnel in real time, records the circumstances, and automatically performs the default or customer-configured response(s). Users are able to respond to the device or application error condition and immediately view the vendor-supplied explanation along with steps required to resolve the issue.

Logging & Log File Aggregation – ConsoleWorks monitors the asset logs in the context of all other managed applications or hardware. Its ability to aggregate error conditions across all log files enables users to view multiple log files, in context, to help in root cause analysis. In many cases, issues have been resolved before other solutions have been notified that an Event has occurred.

Keystroke Logging and Best Practices – ConsoleWorks captures the steps taken for Event remediation down to the keystroke, enabling any ConsoleWorks user to leverage in-house past experience and acquire proven solutions faster. In this way, ConsoleWorks builds the business’s data warehouse of intellectual property related to the problem resolution.

Asset Intelligence – ConsoleWorks redefines asset inventory as more than a static inventory of devices. It’s a continuously updated, context-aware data set that powers everything from risk scoring and compliance measurement to operational prioritization and remediation. ConsoleWorks ingests asset metadata from both passive and active sources, including ConsoleWorks’ active collections, leading asset discovery tools like Tenable and Dragos. Palo Alto for Network Firewall information and many others. This data is normalized and correlated through ConsoleWorks’ Tool Data Collector (TDC) framework, ensuring accurate asset records, no duplication, and full traceability. Assets with multiple IPs or interfaces are recognized as a single asset.

Security / Compliance Risk Analysis – Risk Analysis is where the strength of ConsoleWorks’ unified platform is realized. ConsoleWorks evaluates controls constantly by translating compliance mandates into operational controls using a binary, true/false question model which are automatically evaluated based on the collected asset data – for example, “Is Antivirus installed?”.

ConsoleWorks uses the Secure Controls Framework (SCF) as the foundation for its compliance and risk measurement model. Each measurement question within the platform is mapped to an SCF control—creating a direct, traceable path from collected asset data to security and compliance posture. By anchoring the assessments in SCF, ConsoleWorks provides a single system of record for evaluating security and compliance posture across diverse environments and industry frameworks and regulations.

SCF mapping enables ConsoleWorks to “measure once, comply many” — simplifying audits, reducing manual effort to identify security gaps, and future-proofing your security and compliance programs.

Proof of Compliance and Security Posture – The ConsoleWorks platform, with Asset Intelligence and Risk Assessment provides the awareness of your Compliance and Security risk posture at any time.

ConsoleWorks is an OT Operations & Security Control Platform, unifying policy based Role Based Access Control (RBAC), Access Control, Configuration Monitoring, Logging & Log Aggregation, Event Monitoring and Remediation, Asset Inventory and Intelligence, and Security / Compliance Risk Analysis.

See “What are the key features of ConsoleWorks?”, below, for a more detailed description.

There is only one thing needed between you and your work, and that is ConsoleWorks!

By delivering agentless management technology which begins managing devices as soon as power and a network cable are installed, ConsoleWorks is able to detect that a component is in trouble before it goes down along with an immediate path to remediation to anywhere from everywhere. The result is greater time between failures, quicker remediation of failures, and a more efficient use of personnel, all of which result in a quick return on the investment.

See “What are the key features of ConsoleWorks”, above, for a more detailed overview of how ConsoleWorks is different from other, similar technologies.

You can see a 15-minute demo of it in action here. You can also schedule a personal demo by reaching out to us here.

Yes. Aside from the newest features for the dashboards and Reflection System, there are numerous security updates and enhancements that will keep your operations secure. Please download the latest version of ConsoleWorks here.

If you are already a ConsoleWorks customer, you can find it on our Support Site.

ConsoleWorks maintains a persistent, secure connection to physical and logical infrastructures to monitor user actions, machine state activity, and all defined incidents worth knowing about. ConsoleWorks also implements various levels of physical and logical security to provide necessary – and often required – protective measures. ConsoleWorks can be programmed to trigger pre-defined, real-time, enterprise-wide responses to security incidents. ConsoleWorks enables strong password implementation, access restrictions by task, by role, and by policy, and user authentication internally (through username/password protocols) and externally (from sources including Windows® Active Directory Domain Services, PAM, and RSA® SecurID®).

ConsoleWorks supports a robust task-based/role-based privileges model based on user-defined Access Control Rules. Access Control rules enable administrators more granular and graduated control over what specific users can do inside ConsoleWorks and how they can use ConsoleWorks to access and interact with managed assets.

Virtually all computer, network, and similar devices have a communication port through which these devices send boot and status messages. Usually, this console information is lost because it is impractical to monitor and respond to the geographically scattered computing infrastructures common in modern-day businesses.

ConsoleWorks stops this data loss by bringing all the once-discarded console information, status updates, error messages – basically everything in the data stream – back to a single, web-enabled server, looking it over, and responding intelligently.

ConsoleWorks is an on-premise Privileged Account Management and Password Management platform for privileged users accessing IT and OT (ICS) devices including Windows and Linux servers and virtual machines, routers, switches, RTUs, PLCs, SCADA devices, etc. It is a single, vendor/protocol agnostic, end-to-end solution that controls access, logs user activity, and monitors SSH, Telnet, RDP, VNC, Serial, and other types of connections that are prevalent in today’s IT and OT (ICS) environments. It does so in real-time and in all machine states – power on, single user, maintenance, configuration, production, and failure modes – without the need of a software Agent installed on the endpoint. It also locks down the “back door” entrances that are overlooked by similar solutions.

Cybersecurity Challenges can be Different Between IT and OT –

Examples of how ConsoleWorks addresses the differences between IT and OT:

No agents, so no risk associated with installing software on endpoints
Vendor and protocol agnostic enabling support beyond the standard IP connectivity to include serial and others required in ICS environments where systems have been around for many years and have a specific purpose.
Patching process that has consideration of testing needs and availability of the ICS environment
Password vaults that understand the vulnerabilities of the ICS environments
Others

ConsoleWorks is an ICS security and operations platform that provides the security perimeter around the critical ICS devices. ConsoleWorks provides a unified security approach to ensure privileged access is controlled and risk is mitigated. Our approach dramatically simplifies the security practice and addresses the vulnerabilities with privileged access that present an extremely high-security issue today.

Yes, with the Reflection System you will be able to meet your architecture needs as defined by these or others, like Zero Trust.

Permitting access can only be initiated from a person in a higher-level security zone, to maintain control in your architecture and meet needs around Zero Trust, IEC 62443, Purdue and more.

ConsoleWorks automates the collection, comparison, alert/notification and auditing of any changes to configuration baselines, eliminating the majority of human errors and minimizing the impact of intentional or unintentional erroneous activity.

ConsoleWorks has the ability to speak multiple protocols (including serial), gaining access to and then collecting the inventory is a fundamental capability of the product. ConsoleWorks does this without adding an Agent to the endpoint, which is a requirement in the ICS environment since many of these devices are purpose-built and cannot have other vendor software installed on it.

ConsoleWorks can be configured to monitor many items including:

Functional settings that determine how the asset operates
Versions of software currently installed including BIOS, firmware, operating system, applications, etc.
Patches, including security patches that are installed
Ports that are active and how they are configured
Services that are enabled
Accounts
Configuration Files

The new action bar lets you quickly execute on-demand actions on selected assets in your fleet, from managing/denying Just in Time access requests, rebooting endpoints, pulling reports, downloading files and more. The Action Bar configuration is user-definable and customizable to allow specific scripts / actions that align with your organization’s processes and needs.

The Grouping Widget helps you know what assets or events need attention. With smart filtering, you can drill down on those assets and events to identify your areas that need attention first. Group assets based on a number of categories (security, business unit, location, etc.)

Events related to your assets are important and you need to know about them. The Activities Widget helps you separately visualize events based on user-specified categories. Visualize and define events based on your specific needs (ex: filter based on certain vendor events or process events only)

THE NEW, AUTOMATED PATCH ANALYSIS PROCESS FROM CONSOLEWORKS WILL BE APPLICABLE TO VARIOUS IT/OT PATCHING PROCESSES INCLUDING, PCI-DSS, NIST 800-53, HIPAA, NERC CIP AND OTHERS.

AUTOMATED PATCH ANALYSIS PROCESS USE CASE: NERC CIP-007-6/R2

NERC CIP-007-6 / R2 requires a patch management process for tracking, evaluating, and installing cybersecurity patches for applicable Cyber Assets, including device drivers. Many utilities see this is a grueling task, requiring many, many man-hours to meet the “every 35-day analysis” required by NERC CIP.

The ConsoleWorks Automated Patch Analysis solution greatly simplifies the process of gathering the information required for patching IT and OT devices – beyond the HMI.

For meeting NERC CIP compliance, ConsoleWorks establishes a secure access to access all devices and then is configured via a schedule to perform the patch analysis every 35 days, keeping a log, for audit purposes, of when the analysis was run. Once the current patch state is gathered by ConsoleWorks, ConsoleWorks can integrate with industry or custom solutions to assist in automating the patch gap analysis. In these cases, ConsoleWorks sanitizes, anonymizes, and encrypts the data before initiating the secure transfer of the collected device information.

After the initial collection is sent, ConsoleWorks can be configured to continually monitor for the patch gap analysis results. When available, ConsoleWorks automatically downloads and processes the results, using ConsoleWorks Events as an indication to the user when patches are available. Event Severities further indicate whether an available patch is a security patch.

Finally, ConsoleWorks produces dashboard report views to organize and communicate the current patch state. ConsoleWorks presents a summary report containing information on patch gaps that may exist for each asset, including links to any available patch for downloading directly from the vendor site.

At this point, a utility will evaluate the available security patch for applicability and make the decision to install the patch or initiate a mitigation plan. ConsoleWorks’ integration with workflow management solutions enables utilities to further automate the patching and mitigation processes as required by NERC.

The patch analysis features will be available in ConsoleWorks in Q2, 2018, and are part of a larger cybersecurity and operations platform solution addressing IT/OT patching processes for PCI-DSS, NIST-800-53, HIPAA, NERC CIP V6 ( CIP-005, CIP-007, CIP-010, and CIP-013) requirements for Secure Remote Access, Asset and Configuration Monitoring, Endpoint Password Management, Logging and Situational Awareness and Supply Chain.

Data Sheet

EU General Data Protection Regulation (GDPR)

GDPR Compliance for Privileged Users

The EU General Data Protection Regulation (GDPR) has been designed to protect how personal data of EU citizens is collected, processed and stored.

This requires companies to evaluate their data strategy as to how they collect and store data, who has access to the data and implement policies to ensure compliance with GDPR.

Secure and Controlled Access to Data

GDPR requires companies to implement granular controls to protect access, and set and enforce clear roles and responsibilities for access to the systems that hold personal data. ConsoleWorks Privileged Interactive Access enables companies to proactively protect their privileged credentials and secure remote access to devices and systems for inside privileged users, vendors, and contractors.

ConsoleWorks ensures that every remote access connection made by our customers, whether a privileged user connecting to a critical system or device or a help desk connecting to a user, is secure. ConsoleWorks protects critical systems and data while helping companies meet the data privacy requirements of GDPR.

Ensure Data Protection
Control and limit access to sensitive personal data to only the privileged users’ authorized level.
Streamline Regulatory Compliance
Automatically capture detailed audit trail that documents all session activities and credential usage.
Simplify Audit & Reporting
Significantly reduce the time involved in collecting the data required to support an audit and producing the reports to prove compliance.

ConsoleWorks keeps detailed audits of administrative, user, and incident activity. These audits show who did what, when they did it, and what was added, deleted, or modified within the managed asset. ConsoleWorks can be configured to provide reporting to assist in compliance with PCI, HIPAA, SOX, SAS 70, and NERC CIP requirements. ConsoleWorks can apply digital signature technology to log files, for the purpose of detecting record tampering, such as the modifying or deleting of log entries. Coupled with timestamp log entries, ConsoleWorks provides sequenced, tamper-evident logs for compliance and incident forensics.

ConsoleWorks maintains a persistent, secure connection to physical and logical infrastructures to monitor user actions, machine activity, and all defined incidents. ConsoleWorks implements various levels of physical and logical security to provide necessary—and often required—protective measures.

ConsoleWorks functionality includes the following features:

Agentless, persistent monitoring
Scanning of incoming data streams for pre-defined text patterns
Complete intelligence gathering (capture of source and account IDs, incident context, and commands outcomes)
Centralized command and control for enterprise-wide physical and logical connections, Syslog messages, SNMP traps, and other streams of information.
Connections secured using SSL and SSH encryption
Automatic, securable logging of all data flows to and from monitored assets
All asset activity logged and the logs digitally signed to make it easier to detect modifications
Asset access secured using role-based or task-based user privileges

Virtual Serial Ports provide an important technical capability for enhanced management of virtual environments. ConsoleWorks leverages this capability to deliver enterprise-class compliance and security capabilities as well as further optimizing IT operations for virtual environments.

Optimize IT operations for virtual environments -An important part of reducing management costs – while maximizing availability and reliability of systems – is the ability to correctly identify, diagnose and remediate issues and problems. This is a critical differentiator of ConsoleWorks, driving significant productivity enhancements of for many ConsoleWorks customers. ConsoleWorks enables all of the IT operations benefits for virtual environments that are already being realized in traditional IT infrastructure environments by our customers.
Security and compliance issues in virtual environments – ConsoleWorks maintains console connections in all modes of operation, including during VM migrations. In addition to maintaining the IT infrastructure security model over privileged interfaces (consoles, virtual serial ports), ConsoleWorks can capture all log file data generated by hypervisors (which includes VM logs). This provides comprehensive data collection of all events, information and actions (provisioning VMs, moving VMs, configuration, maintenance, repair, etc.) that can support even the most rigorous compliance requirements. It also provides a degree of transparency into virtual environment that directly enables oversight, auditing, and management.

Intelligent Event Modules (IEMs) are vendor event reference libraries that contain the proper priority designation as defined by the vendor or manufacturer and descriptive event definitions for detected events that transform cryptic event codes into human-understandable error definitions – simplifying the diagnosis activity and time to solve. IEMs provide ConsoleWorks with a watchlist of text messages, including error codes, system warnings, and status alerts, produced by an information source in the IT environment. ConsoleWorks watches for these messages, called Events, in the data streams of your managed systems, devices, and applications.

ConsoleWorks IEMs improve IT operations – IEMs dramatically improve the ability to streamline and optimize IT Operations by eliminating time-consuming event prioritization and research activities. With IEMs, events captured by ConsoleWorks that are in the vendor IEM “library” are automatically matched, assigned the appropriate priority, and presented with their human-readable definition. This enables administrators, engineers and technicians to use their time for value-add issue or problem resolution rather than priority assessment or event code researching.

ConsoleWorks IEMs enable continuous process improvement – IEM technology can be used as a domain knowledge repository. The user can define custom events so that when these events (or event combinations) occur again they will already be properly prioritized and described. The end user can also update IEMs with recommended remediation actions by event – even to the inclusion of the exact sequence used to correct the problem, previously. So, a less knowledgeable or less experienced administrator is now armed with the exact steps that were used by the expert to successfully remediate the error or incident.

Special Projects

Over the next several months, TDi Technologies will be working closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on a manufacturing security project. The NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity challenges. The NCCoE will be releasing a draft practice guide document, Protecting Information and System Integrity in Industrial Control System Environments, which will leverage industry, government, and academic expertise.

This report will show how manufacturing organizations can protect their industrial control systems (ICS) from data integrity attacks. The NCCoE is collaborating with technology vendors including CyberX, Dispel, Dragos, GreenTec USA, ForeScout Technologies, OSIsoft, Radiflow, Tenable, and VMware. to successfully develop an example solution that organizations can reference to adapt and adopt increased security within their manufacturing environments.

This report can help manufacturing organizations reduce their risk by showing how commercially available technologies such as ConsoleWorks can be used to improve the security of their manufacturing environments.

The NCCoE Announces Technology Collaborators for the Securing Picture Archiving and Communication System (PACS) Project

The National Cybersecurity Center of Excellence (NCCoE) is pleased to announce the initial set of technology partners for the Securing Picture Archiving and Communication System (PACS) Project: Cisco, Clearwater Compliance, DigiCert, ForeScout, Hyland, Symantec, TDi Technologies, Tempered Networks, Tripwire, Virta Labs, and Zingbox. We expect to finalize additional technology partners to fulfill the project’s required components and capabilities.

In response to a call in the Federal Register, these companies submitted capabilities that aligned with desired solution characteristics. The technology collaborators were extended a Cooperative Research and Development Agreement, enabling them to participate in a consortium where they will contribute expertise and hardware or software to help refine a reference design and build an example standards-based implementation. To learn more about the project, read the project description.

These vendors will work with the NCCoE project team to provide a practical solution for securing the PACS ecosystem. The result will be a freely available National Institute of Standards and Technology (NIST) Cybersecurity Practice Guide (NIST’s Special Publication 1800 series) that includes a reference design and a detailed description of the practical steps needed to implement the solution based on the NIST Cybersecurity Framework, and industry standards and best practices.

If you would like to join the Healthcare Community of Interest to help guide this project and provide feedback, please email us at HIT_nccoe@nist.gov.

CryptoniteNXT, ForeScout, Häfele America, Remediant, StrongKey, and TDi Technologies have joined the National Cybersecurity Center of Excellence (NCCoE) as technology collaborators in the Securing Property Management Systems project.* In response to a call in the Federal Register, these companies submitted capabilities that aligned with desired solution characteristics listed in the project description. The technology collaborators were extended a Cooperative Research and Development Agreement (CRADA; see example) enabling them to participate in a consortium where they will contribute expertise and hardware or software to help refine a reference design and build an example standards-based implementation. This collaboration will result in a publicly available Cybersecurity Practice Guide (NIST Special Publication 1800 series) that will document a reference design for hospitality organizations to improve the cybersecurity within and around a property management system (PMS).

Increasing Reliance on Technology in the Hospitality Sector

The role of technology in the hospitality industry is growing rapidly, and the PMS is increasingly integrated with systems and services that extend well beyond front desk operations. As the operations hub, the PMS interfaces with services and components within a property’s IT systems, such as Point-of-Sale systems, door locks, Wi-Fi networks, and other guest service applications. Adding to the complexity of connections, external business partners’ components and services are also typically connected to the PMS, such as on-site spas or restaurants, online travel agents, and customer relationship management partners or applications. This expanding PMS ecosystem provides a wider attack surface for vulnerabilities to be exploited by malicious actors. Improper configuration of the diverse applications that connect to or run through a PMS can create cybersecurity vulnerabilities.

Advancing the State of Cybersecurity for Hospitality Organizations

The NCCoE is working closely with the hospitality business community, managed security service providers, and cybersecurity technology vendors to develop a standards-based reference design that aims to advance the cybersecurity of property management systems and to demonstrate:

system protection and authentication with enforcement that will help prevent damage to PMS functionality and security
data protection and encryption to reduce the risk of a data breach of guest payment card information or personally identifiable information, and to protect the confidentiality and integrity of system data
auditing and analytics such as complete, real-time auditing and reporting of user activity

In partnership with technology collaborators, the NCCoE will build the reference design in a lab environment. The following diagram depicts the reference design’s high-level architecture.

The reference design will use commercially available products from the project’s technology collaborators—CryptoniteNXT, ForeScout, Häfele America, Remediant, StrongKey, and TDi Technologies—along with open source products.

How to Participate

Interested parties are encouraged to engage with us through our project web page.

If you have additional comments, questions, or would like to join the Community of Interest helping to guide this project and provide feedback, please email us at hospitality-nccoe@nist.gov.

*Certain commercial entities, equipment, products, or materials may be identified to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by NIST or NCCoE, nor is it intended to imply that the entities, equipment, products, or materials are necessarily the best available for the purpose.

TDi Technologies’ ConsoleWorks Cybersecurity/Operations Platform is part of NCCoE cybersecurity practice guide. This practice guide aims to help energy sector companies implement an asset management solution to monitor and manage OT assets at all times. Standards and best practices were used to deploy strong asset management solutions using commercially available technology.

The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) has released a final cybersecurity practice guide involving asset management to help energy utilities and the oil the gas industry develop an automated solution to better manage their industrial control system (ICS) assets. To complete this guide, the NCCoE collaborated with other technology vendors, including Dragos, Forescout, FoxGuard Solutions, KORE Wireless Group, Splunk, and Tripwire.

Energy sector companies rely on industrial control system (ICS) assets within OT environments to generate, transmit, and distribute power and to drill, produce, refine, and transport oil and natural gas. Given the growing complexity and critical role of these ICS assets, energy companies must be able to effectively identify, control, and monitor all of their OT assets to strengthen cybersecurity. We show how OT asset management practices can be enhanced by leveraging tools that may already exist in their environment or by implementing new capabilities.

This project explores methods for managing, monitoring, and baselining assets and includes information to help identify threats to these OT assets. Both standards and best practices were used to develop reference designs leveraging commercially available technologies. The guide also maps capabilities to NIST guidance and control families, including the NIST Cybersecurity Framework.

ConsoleWorks and Other Vendors Collaborate | The Third in a Series of Cybersecurity Guides for the Energy Sector

The NCCoE believes the guide addresses a critical cybersecurity and economic need. Please download the practice guide and let the NCCoE know if you implemented or adopted the solution in part or in whole.

FoxGuard Solutions, Inc. and partner TDi Technologies recently completed a multi-year project to create a safer national power grid by simplifying the process of patching and updating energy delivery control system devices. The solution is the result of a $4.3 million Cooperative Agreement awarded in 2013 from the U.S. Department of Energy’s Cybersecurity for Energy Delivery Systems (CEDS) division.

Read Press Release

Read FoxGuard & TDi Joint Whitepaper

Comments from the CEO

Snippets on ConsoleWorks Differentiators: Bill Johnson, CEO

The quotes are from various slide presentations, speaking engagements and conferences.

“TDi ‘s ConsoleWorks platform technology does a lot of protection automation and we are currently doing a program with the DOE for Patch gap Analysis in the substation T&D, Generation space covering both IT and OT technologies. A key differentiator is our ability to do this without putting agents on the endpoints – we go beyond the HMI out to the leaf using NATIVE interfaces that Automation engineers use.”

“This keeps our technology out of the SCADA network but allows it to be used by customers to control, interact, collect baselines and change passwords for endpoint RTAC, RTU, IED, PLC or other endpoint assets. All audited, logged, controlled and verified. One of our customers just completed a SERC Audit where they were told by the Auditor, ‘…you do not need to audit remote access and baseline again – you guys have it nailed.’

“We are doing Insider Threat work along with the NCCoE and their use cases, and now adding Expert Systems – DarkLight with the Human Activity capture from our product ConsoleWorks.”

Mapping to the NCCIC Document – Seven Strategies to Defend ICSs

Secure Remote Access — “We have this in spades – end to end, front to back and inside out. Bar None!”

Implement Application Whitelisting – ” We do not do this, we manage the insider to prevent them from running things, like whitelist, blacklist and gray list commands and command sets.” “It still should be done, ConsoleWorks covers part of this area.”

Configuration & Patch Management — “We do this without agents or installed software on the endpoint…and we don’t stop at the HMI – we go to the leaf..in some case 3 or 4 levels deep.”

Reduce Attack Surface — “If I control the Humans interaction, I believe I reduce the attack surface altogether. At least it would be another layer of attack surface reduction.”

Build Defendable Environment — “That’s a business decision, but I believe ConsoleWorks contributes to this as part of a larger strategy.”

Manage Authentication — “Again a major strong point, we take authentication and add a number of layers on top that really enforces the authentication to a role, capabilities and so on.”

Monitor and Respond — “Why respond when ConsoleWorks can capture activity down to the keystroke level. We can prove, how it’s done, who did it, and when it was done — then it can be integrated with a Ticket management system, and allow oversight at the same time. I think we have a lot to contribute in this role.”

THE NEW, AUTOMATED PATCH ANALYSIS PROCESS FROM CONSOLEWORKS WILL BE APPLICABLE TO VARIOUS IT/OT PATCHING PROCESSES INCLUDING, PCI-DSS, NIST 800-53, HIPAA, NERC CIP AND OTHERS.

AUTOMATED PATCH ANALYSIS PROCESS USE CASE: NERC CIP-007-6/R2

Data Sheet

EU General Data Protection Regulation (GDPR)

GDPR Compliance for Privileged Users

Secure and Controlled Access to Data

The NCCoE Announces Technology Collaborators for the Securing Picture Archiving and Communication System (PACS) Project

Increasing Reliance on Technology in the Hospitality Sector

Advancing the State of Cybersecurity for Hospitality Organizations

How to Participate

Read Press Release

Read FoxGuard & TDi Joint Whitepaper

Snippets on ConsoleWorks Differentiators: Bill Johnson, CEO

The quotes are from various slide presentations, speaking engagements and conferences.

Mapping to the NCCIC Document – Seven Strategies to Defend ICSs

Quick Links

Contact

Support

We have an answer

Frequently Asked Questions

Common Questions

ConsoleWorks

THE NEW, AUTOMATED PATCH ANALYSIS PROCESS FROM CONSOLEWORKS WILL BE APPLICABLE TO VARIOUS IT/OT PATCHING PROCESSES INCLUDING, PCI-DSS, NIST 800-53, HIPAA, NERC CIP AND OTHERS.

AUTOMATED PATCH ANALYSIS PROCESS USE CASE: NERC CIP-007-6/R2

Data Sheet

EU General Data Protection Regulation (GDPR)

GDPR Compliance for Privileged Users

Secure and Controlled Access to Data

Special Projects

The NCCoE Announces Technology Collaborators for the Securing Picture Archiving and Communication System (PACS) Project

Increasing Reliance on Technology in the Hospitality Sector

Advancing the State of Cybersecurity for Hospitality Organizations

How to Participate

Read Press Release

Read FoxGuard & TDi Joint Whitepaper

Comments from the CEO

Snippets on ConsoleWorks Differentiators: Bill Johnson, CEO

The quotes are from various slide presentations, speaking engagements and conferences.

Mapping to the NCCIC Document – Seven Strategies to Defend ICSs

We can help

Footer

Quick Links

Contact

Support