Proof-of-Value Palo Alto IoT License in our ICS Hack Lab

We did a PoV (Proof-of-Value) in our ICS Hack Lab and here is the result:


 🟢 Palo Alto Networks IoT Security has brought a new level of visibility and protection to our infrastructure.


 🟢 The biggest benefit is the automatic identification and classification of IoT / OT devices without the need for manual mapping. The solution can even detect devices that you didn’t know were connected before.


 🟢 The combination of passive monitoring and machine learning allows us to accurately evaluate the normal behavior of devices and immediately alerts us to anomalies or possible security incidents. I like that the alerts are contextual – not just “noise” in the logs, but clear information about what the problem is and what the recommended steps are. See pictures.


 🟢 IoT integration with the ruggedized Palo Alto 410R enabled centralized security management. Thanks to integration with our existing policies, we can quickly isolate a suspicious device without disrupting the entire network.


 Strengths we value:

 ✔️ Excellent visibility and inventory of IoT / OT assets.

 ✔️ Anomaly detection using AI and ML.

 ✔️ Easy integration into existing Palo Alto cloud infrastructure.

 ✔️ Practical and actionable recommendations upon alert. See image.

 ✔️ No additional sensors – everything runs through the ICS network infrastructure, which can be supplemented with SPAN traffic fed into the TAP port on the firewall.


 Thank you, Palo Alto Networks Slovakia, for lending the PA 410R as well as the PoC IoT license.