Seeking Threat Visibility and Operational Efficiency, Manufacturer Relies on Zingbox IoT Guardian You Can’t Protect What You Can’t See A leading international manufacturer struggled not only to remediate security anomalies, but also to define what constituted “abnormal activity” in the first place. In manufacturing, where many maintenance processes are performed manually, keeping an up-to-date inventory of current assets as well as establishing a baseline for normal activity are continuous challenges. This lack of visibility leaves manufacturers vulnerable to security attacks and operational disruptions, whose causes cannot be easily pinpointed and remediated.

For the manufacturer, this lack of visibility was compounded by certain aspects of its organizational infrastructure. The global company has several data centers and multiple factories located around the world, but every production line has a separate, isolated network. With only one security officer managing this entire complex system, the manufacturer needed an efficient way to gain real-time visibility across the network. Otherwise, local security teams would not have the insight into security hazards and respond decisively.

Another common attribute of the manufacturing industry that impacted this manufacturer is a requirement for network stability and reliability above all other considerations. While many security solutions promise to increase visibility and address vulnerabilities, their solutions too often require modifications to devices or network downtimes, which put operations at risk of disruption or even failure. For manufacturers, any network interruption can translate to millions of lost dollars. Many organizations would rather keep legacy equipment and software running than make modifications that could impact production.

Context Is Crucial, Especially When Seconds MatterEach device on a manufacturing production line has dozens of traits, functions, and behaviors, all of which make up the unique “personality” of each device. For example, an electronic screwdriver on a production line operates at a specific torque and with certain frequency. Some screwdrivers may be utilized every minute, while others are engaged every hour.

INDUSTRYManufacturing

ENVIRONMENTLarge, global manufacturer with multiple data networks and factory sites

CHALLENGES▶ Know what devices exist and

where, and how they behave

▶ Respond effectively to adversesecurity events withoutdisrupting production

▶ Understand the causes ofvulnerabilities and operationalinefficiencies

SOLUTION▶ Visibility into the unique

“personality” of each deviceacross production lines

▶ Automated system that alertsteam when anomalies aredetected

▶ Comprehensive, non-intrusivedata dashboard that givesfull security context andoperational insights

CASE STUDY

CASE STUDY

About ZingboxZingbox IoT Guardian is an Internet of Things security solution that provides visibility into and protection for enterprise IoT assets against cyber and insider threats. A non-intrusive, agent-less, signature-less solution, IoT Guardian uses machine learning for asset discovery, risk assessment, baselining the normal behavior of devices, and discovery of threats. Zingbox was founded by Silicon Valley IT industry leaders and experts in networking, big data, IoT, and security.

By leveraging machine learning and three-tier profiling techniques, Zingbox’s IoT Guardian baselines acceptable behaviors and from it, understands each device’s distinct “personality.” Any device behaving outside of its normal activity will be detected by Zingbox’s IoT Guardian.

After installing Zingbox IoT Guardian, the manufacturer discovered that the IoT Guardian solution was perfect for providing visibility. For example, Zingbox revealed that an employee was sending personal email from a computer designated for manufacturing controls, opening up the network to cyberattacks. Zingbox also identified unusual network traffic connecting directly to public IPs, bypassing the company’s VPN connection. The security teams investigated these anomalies and found that certain security settings were misconfigured.

Until the manufacturer gained additional visibility with Zingbox IoT Guardian, the company had been mainly focused on securing IT infrastructure. But with the visibility provided by Zingbox, they now had the necessary context of the IoT devices — they could identify each device on their network, know how it was supposed to behave, and respond to abnormal behavior. With this additional insight, the company could now secure its network.

Swift POC Yields Operational InsightsWithin a few hours after the Proof Of Concept (POC) started, Zingbox built a dashboard displaying real-time security vulnerabilities. The Zingbox team completed the entire POC in a week, which is unheard of in the manufacturing industry. Today, the company’s security team uses IoT Guardian to upgrade their firewall, secure devices operating outside of normal behaviors, and discover and respond to new threats. IoT Guardian provides all of these capabilities with no network disruption and without any modification to device hardware or software.

For many manufacturers, Zingbox’s intuitive, real-time data dashboard enables security teams to not only protect their networks from attacks but also to glean valuable operational insights. Security researchers use IoT Guardian to study operational traffic patterns and conduct forensic analyses. For example, if Zingbox’s data reveals that four out of eight tools in a production line are regularly being used, researchers may investigate whether using all eight may result in higher productivity.

As with any company, a single security breach in a manufacturing organization could be immensely damaging. But identifying ways where operations could be optimized every day is just as valuable in an industry where every second counts.

465 Fairchild Drive Suite 207 Mountain View CA 94043 | info@zingbox.com | zingbox.com