BigFix Software Integration
How BigFix software helps manage IT/OT convergence by safely applying proven technology in OT environments.
Since our initial blog post about Verve’s integration with BigFix software for IT-OT converged security, BigFix users asked us for more detail on how the Verve Security Center (VSC) can enhance their BigFix deployments. This is the first blog in a series of posts that describe the specific enhancements Verve’s integration offers for BigFix users.
To summarize Verve’s integration with BigFix, we offer comprehensive security in converged IT-OT-IOT environments through three unique functionalities:
The growing convergence of IT and OT/IOT networks creates a significant challenge for CIOs trying to manage and CISOs trying to protect these embedded/proprietary devices. Managing proprietary or open-standard embedded devices requires a different approach from the traditional agent-based or scan-based solutions. Most embedded devices cannot install an agent, and many of these proprietary devices are not stable enough to run traditional scan-based vulnerability assessment tools.
Traditional IT silos of separate solutions for workstations/server/OS-based systems vs. networks are not effective for securing these converged systems. In many cases, assets cannot be patched immediately or certain insecure configuration settings are necessary for operations due to OEM designs. Therefore, effective security requires that teams have a comprehensive view of the entire infrastructure, as well as the ability to take actions across end points and network elements to truly “manage” the vulnerabilities present using the best control for that particular risk.
Prior to Verve Industrial, the only options available on the market were network-based solutions which require spans/taps/pcap capture across all layers of the network to provide visibility without the ability to take action.
VSC confronts these challenges with the first end point security management solution built specifically for converged IT-OT networks.
The proprietary integration Verve has with BigFix software tunes the BigFix agent deployment specifically for OT/IOT environments, and it has proven successful on every major OEM vendor's servers and workstations. The agent-based functionality provides full discovery of every device in a subnet, allowing for network access alerting. For those of you who use BigFix on your IT systems, all of the traditional functionality is present in these OT OS-based devices as well.
The agentless device intelligence extends security management functions to other assets in the network. This begins with the networking elements. Verve gathers full configuration information from all network devices into the same database as the OS-based devices. It gathers firmware, configuration settings, ACLs and other information and has the ability to integrate log and netflow data from these devices to provide greater granularity of network device behavior. Verve’s agentless manager also builds playbooks to manage these devices. True security management requires visibility of vulnerabilities, risks and threats, in conjunction with the ability to act on them.
The agentless device intelligence also extends into the proprietary embedded device realm. With this type of insight, OT security teams have an integrated view into all their IT/OT/IOT assets. Verve achieves this insight without the need to deploy expensive network taps and span ports on network infrastructure. The software-based approach enables visibility into all subnets and is proven to be safe in operations, leveraging the same communication protocols that the OEMs use to program these devices.
As IT departments come to grips with OT/IOT networks, they realize that many of the traditional security or ITSM playbooks no longer work. The monthly or quarterly “scan-patch-scan” process to address vulnerabilities is not applicable to critical infrastructure environments where scans can knock devices offline – or worse – make them inoperable. Patches deployed by corporate IT at the wrong time or without proper engineering testing cause significant operational disruption.
Many OT/IOT devices have hundreds of potential zero-day vulnerabilities because the vulnerability community hasn’t focused on these in the past. As a result, users need to truly manage vulnerabilities through a broader menu of potential actions – configuration hardening, network protections, deployment of application whitelists, changing user access controls, and increasing monitoring of anomalous behaviors.
Users need three things to execute on true security management:
BigFix software is a fantastic option for managing IT end points. With Verve’s integration, BigFix users extend this type of capability into true security management in converged IT-OT environments by providing comprehensive asset visibility and actionability as well as the intelligence to advise on the most effective course of action.