SNOK™ Cybersecurity monitoring for industrial infrastructure

SNOK™ Network Intrusion Detection System (IDS) is a network intrusion and anomaly behavior detection system made specifically for Industrial Automation and Control Systems (IACS).

Infrastructure such as the electric power grid, oil and gas installations, water utilities, transportation systems, manufacturing facilities and many more are increasingly vulnerable for cyber-attacks. SNOK™ obtains a full overview of the system you are defending and continuously monitors the network for suspicious behavior. SNOK provides the visibility needed to respond to unauthorized activity, viruses, malware and sophisticated attacks (Advanced Persistent Threats) at an early stage.

The SNOK™ Network IDS can be placed at the perimeter of the network and strategic internal points to monitor the data traffic between critical components. This makes a SNOK™ Network IDS installation flexible and suitable to monitor networks in distributed and segmented infrastructures.

SNOK™ provides operators with insight into common blind spots such as controller networks. Many attacks enter the infrastructure from the inside and goes under the radar of perimeter protection such as firewalls.

SNOK™ uses anomaly detection to catch all types of intrusions, both malware and non-malware. SNOK™ Network IDS alerts the infrastructure operator in real time of security events such as:

• new equipment communicating in the network
• new connections or new protocols in use
• between existing nodes
• new remote connections or other unexpected traffic patterns

Upon detection of an alert, SNOK™ Network IDS provides information for the operator or analyst to localize and characterize the abnormal network behavior.

The SNOK™ Network IDS can be complemented by other products in the SNOK™ Cybersecurity Monitoring System family. The SNOK™ product family combines information from network and endpoint monitoring providing for early detection of attacks on your infrastructure.

‍

SNOK™ - Real time monitoring, enables immediate response.

Built for Industry – SNOK™ unique abilities to uncover blind spots are achieved because SNOK™ is built for industry.

‍

‍

Non-intrusive: SNOK™ does not disturb the industrial process.

No signature updates required: SNOK™ knows the fundamentals of a cyberattack. Once installed it needs no signature updates or similar to keep detecting new attacks.

Tiny footprint: Computing and storage resources are often scarce in industrial settings. SNOK™ uses minimal resources on the industrial infrastructure.

Backwards compatible: SNOK™ can be used to monitor legacy equipment such as unsupported Windows and Linux endpoints.

Quick and easy to install: SNOK™ has a simple installation process and requires only a short learning period to train the system.