Finding the needle in the 'IP' haystack
Effective network investigation and troubleshooting can be a challenge, especially when networks have evolved organically rather than by design.
Relevant experience in OT network investigation
Sometimes the indicators of an issue are obvious, a permanant link down event points to a break in the connected communication path. But what if the link went down for 30 seconds and then fully recovered? What if that same temporary down/up occured in a remote and normally unmanned location? Would this be investigated at all? Some events are more straightforward than others to remediate as the impact is highly visible and importance to resolve clear. If, however, the issue is occassional, intermittent or even invisible it is equally important to identify and remedy the issue.
Independent research suggests a typical malware will on average exist for 200 days within a network BEFORE it gets detected. In this period a wide range of outcomes are possible; the recent ‘Wannacry’ ransomware malware, now understood to have originated in North Korea, had a major impact on only loosely targeted systems. It comes down to an organisation’s appetite for risk that will dictate whether they take steps to ensure their networks are being used in the way they were originally intended.
Where visiblity or impact is less obvious or when problems are intermittent or related to application performance, it is the quality of monitoring systems, access to analysis tools, skills, experience and competence that will identify and remediate the issue.
Once identified, IT4A can recommend how to resolve all the issues and challenges at hand and provide guidance on opportunities for improvement that have been identified along the way.
IT4A have been designing and troubleshooting OT/SCADA networks since 1998. We have the tools and resources to solve the most challenging of issues. This process will often necessitate the introduction of good practise measures that will bring benefits well beyond the initial fix.