The SNOK® Network IDS monitors internal and external communications of a controls system. It detects viruses, malware and sophisticated attacks (Advanced Persistent Threats), including those that are undetectable by conventional security tools. The SNOK® Network IDS can be placed at the perimeter of the network, or at strategic internal points to monitor the data traffic between critical components.
The SNOK® Network IDS consists of four modules that are specifically aligned with requirements in industry standards such as the NIST Cybersecurity Framework and NERC CIP requirements. The Monitoring and Detection modules collect and analyze cybersecurity data, the Risk Assessment module determines the criticality of detected intrusions and events, and the Response module assists in responding to a cyber-attack.
The local user interface provides real-time visualization of networks status and security events.