How It Works

Functions and Capabilities:

Observe

Deployed via mirror or SPAN port, proxy, or transparent bridge, the automated discovery engine captures and records traffic for analysis, while normalizing and filtering standard and customized industrial protocols.

Establish

An automated learning engine creates initial baseline policy recommendations based on network traffic observations, public and proprietary threat intelligence, Bayshore expertise and experience, and industry best practices.

Refine

An easy to use, drag and drop interface and interpretive English-like policy language allow customized and special purpose policies to be created and managed globally, while policy implementation and enforcement is conducted locally. Logic-rich policies can contain nested rule-sets with many rule types and many variables.

Inspect

Line speed content inspection occurs at the full message level and takes both context and content into consideration. Inspection is performed bi-directionally at the transaction boundary level. This level of inspection and filtration goes far deeper than the packet or signature level typically found in DPI technologies, operating for instance at the coil, contact, and register level of a typical industrial protocol. Data contained within a transaction can be converted from esoteric industrial protocol format to application-ready formats such as JSON.

Enforce

A variety of policy violation responses are available including allow, alert, and/or blocking of the offending transaction. Policies can be applied globally, to specific device clusters and network segments, or to specific individual assets.

shield-cta-icon.svg

Let’s get the conversation started.

Contact Us