OT/ICS Security Solutions Competitive Analysis: Opscura vs. Gigamon and Garland

<a href="https://www.opscura.io/about/#ourteam" target="_self">Opscura </a>

Opscura

Deep OT Segmentation, Encryption and Protection

When completing a network assessment and/or implementing a visibility platform as part of an OT/ICS cybersecurity roadmap, you have a wide range of options when it comes to devices you can deploy deep in the OT network to support your efforts. There are Test Access Points (TAPs), sensors, packet brokers, aggregators, and hybrid visibility solutions available. But which ones do you need? How do you implement them all? Can you just choose one? 

The answers to these questions are a combination of “you might need them all” and “yes, you can choose just one.” Read on to learn more.

The Old Tools

Organizations typically deploy Network Test Access Points (TAPs) to access and monitor network traffic, enabling them to extract and replicate the data for analysis and security purposes. Network sensors deployed on servers or virtual machines monitor and assess traffic. Once data is captured, packet brokers direct traffic flows to specific network tools or devices. Traffic aggregators gather and funnel traffic from multiple sites to packet brokers or individual network tools.

Traditional tools deliver visibility into OT network traffic and support your assessment and visibility platforms, but they aren’t necessarily purpose-built for security.  This means: You will need to replace them with other devices or add more devices to meet your future cyber security (not cyber visibility) roadmap phases.

Garland Technology and Gigamon are both leading providers of ‘collectors’ that provide data to network visibility products used in OT/ICS security, offering a large range of TAPs, sensors and packet brokers, and visibility solutions. But visibility is not the end game.

None of these tools go beyond supporting the visibility portion of your roadmap. That said, they do:

  • Introduce more hardware, interfaces, and potential points of vulnerability into the network, increasing your attack surface
  • See network traffic, but can’t secure it, identify threats or respond to attacks
  • Operate in specific bandwidth ranges and with media-related distance limitations
  • Introduce complexity in connections between the network and various monitoring and analysis tools
  • Add network bandwidth overhead and can limit future network roadmaps
  • Create work for the IT and OT teams, as well as demand their own downtime windows to deploy

OT Visibility with Security at ½ or even ¼ the Cost

Traditional tools can help meet the most common standards, such as ISA/IEC-62443-3-3 standard for visibility, but that’s not enough to actually secure your network. You’ll need additional measures for protection and to defend against future threats.

Opscura’s multi-purpose solution (our vias) addresses both the visibility and, more importantly, the actual protection challenges of OT network security.

Vias can be virtual or physically inserted in line between the main network and assets that require protection. They enable you to easily segment network assets and subnetworks while delivering traffic visibility as virtual SPAN ports. They defend the network with crypto segmentation and can cloak critical and more vulnerable assets from attacker reconnaissance. Everything is easily configured, updated, and managed through a web dashboard.

Weighing the Options

Opscura Garland Technology Gigamon
Solutions needed for the entire security roadmap Only our viasTheir sensors plus 2 or more devices Their sensors plus 2 or more devices
Additional solutions required for roadmap None Packet Brokers, Aggregators, Firewalls Packet Brokers, Aggregators, Firewalls
Bandwidth 90% compression, no performance impact Limited, depending on product Limited, depending on product
Secure data gathering Integrated PKI and transparent certificate management; anti-tampering No No
Traffic aggregation Included Requires aggregator product Requires aggregator product
Attack response Yes No No
Management 1 web dashboard Multiple tools Multiple tools
Implementation time 2 or fewer hours – with no downtime Days or weeks Days or weeks
Re-IPing needed No Yes Yes
Re-Architecting needed? No Yes Yes
Active protection for OT assets Yes No No
Segmentation Yes No No
Cloaking, even for cyber sunset assets Yes No No
Encryption of traffic Yes No No
Cost $ $$ $$$$

Opscura’s comprehensive approach simplifies OT/ICS security architectures with a single solution—instead of four. Best of all, our comprehensive approach accelerates your security roadmap—without the extraordinary costs of operational downtime and unnecessary friction between IT and OT teams.

Opscura’s vias minimize the number of devices, tools and interfaces that have to be purchased, managed and secured. Opscura also goes beyond visibility to transparently encrypt network traffic, provide intrusion protection, cloak network assets and harden protocols—with no deployment downtime. At the same time, our software-defined architecture is completely scalable to add security wherever needed and easily fit your future OT technology roadmap.

Can it get better? We think so. We’re four times more affordable than Gigamon or Garland, while actually securing OT assets. There. Fixed it. 

See for Yourself

Cut right to a secure OT infrastructure. Contact us today to book a meeting.