Understanding the ICS Integrity Features - PAS ICS Integrity - 7.3 - Help - Intergraph

ICS Integrity Help

Language
English
Product
PAS ICS Integrity
Subproduct
ICS
Search by Category
Help
PAS Version
7.3

ICS Integrity provides a comprehensive solution to help you protect your organization from malicious or inadvertent changes and safety and reliability threats. These features enable you to inventory your assets, identify and assess risks, and manage changes and compliance throughout your organization:

Dashboard

The dashboard provides a high-level view of policy exceptions and other indicators. You can configure these indicators using the Admin Utility. ICS Integrity also allows you to integrate the PAS Dashboard with comprehensive, customizable widgets designed to meet your specific data analysis needs. For more information, see Using the ICS Integrity Dashboard.

Asset Hierarchy

The asset hierarchy allows you to organize your assets into parent/child groupings that help you manage and drill-down to view the specific assets you need to manage. The administrator defines the hierarchy using the Admin Utility or Configuration Manager. For more information, see Using the Asset Hierarchy.

Asset Discovery

ICS Integrity can help you maintain a complete and current inventory of IT and OT assets. Networks and devices on the Process Control Network (PCN) are constantly changing. New systems are added, existing systems are removed, and unauthorized devices may connect. To ensure security and compliance, we must know what assets or devices exist at all times. ICS Integrity can gather data from assets or devices connected to the PCN to determine what is and is not on the PCN. For more information, see Understanding Automated Asset Discovery.

Inventory

The inventory explorer allows you to view all the IT and OT assets on the PCN by searching or browsing and drill-down to a specific area from summary displays. The inventory items for the asset inventory ensure that both proprietary and non-proprietary inventory items are displayed in a single view. For more information, see Understanding Inventory Items.

Configuration Management

This area includes change management and tracking, configuration policy management, and baselines. Policies allow you to monitor specific configuration parameters for your deployment and report when these parameters fall outside a defined limit. Baselines allow you to define standard system configurations and ICS Integrity can identify when a system deviates from that standard. With these powerful capabilities, ICS Integrity provides extensive configuration management. For more information, see Using Baselines and Policies and Understanding Change Tracking.

Vulnerability and Patch Management

ICS Integrity can automatically download the latest known vulnerability and patch information and compare it against the information imported from your assets. ICS Integrity can determine the list of patches that should be applied to the monitored assets. You can also identify the list of assets to investigate for potential vulnerabilities. Combined with workflow cases and views, this feature helps you manage identified assets and remediate or mitigate potential vulnerabilities. For more information, see Using Vulnerability and Patch Management.

Workflows

ICS Integrity provides a built-in workflow engine that you can use to define processes to follow for common tasks, such as evaluating and implementing patches. You can create checklists and define notifications as needed. ICS Integrity also includes a set of example security workflow templates. Using defined workflows, you can manually create a workflow case and assign it to someone, or cases can be created automatically, based on detected conditions or triggers. For more information, see Understanding Workflows and Cases.

Compliance Documentation and Reporting

ICS Integrity works with the Compliance asset module, which provides the requirements for a regulatory, industry, or company standard. The Compliance asset module states the requirements, allows you to document how your facility complies with the requirement, and provides links to reports that document your compliance. The NERC CIP compliance library is currently available. For more information, see Understanding Compliance - NERC CIP.

Standard Report Templates

ICS Integrity provides an extensive list of reports to help you manage your assets. These reports provide the details you need. For more information, see Understanding the ICS Integrity Reports.

Topology Risk Analytics

The PAS Topology asset model provides risk analytics visualization capabilities to help you identify and visualize OT (Operational Technology) and IT risks. PAS Topology uses the information collected by the Network Devices and Recon asset models to identify systems and devices on your network. For more information, see PAS Topology Asset Model Implementation Guide.

Windows Event Analytics

ICS Integrity and the PAS Recon asset model allow you to collect Windows event logs from computers throughout your organization. Event analytics provides visibility into the health and Integrity of IP networked computer systems and components. You can view the Windows event data and analytics in the ICS Integrity web interface. For more information, see Viewing Event Analytics.