Description
This article discusses the configuration and usage of the 'Operational Technology (OT) Security Service'.
Scope
FortiGate, IPS, and Application Control.
Solution
Operational Technology (OT) Security Service is available as an 'Industrial Security Service' in v7.4.0 and earlier. Refer to the document below to learn more about the changes from 'Industrial Security Service' to 'Operational Technology (OT) Security Service': Industrial Security Service to Operational Technology Security
The main uses of 'Industrial Security Service (ISS)' or Operational Technology are:
- To protect Industrial Control Systems (ICS).
- Operational Technology (OT) and.
- SCADA systems.
These are critical infrastructures used by manufacturing industries.
Note:
An Industrial Security Service license is required to use this signature database.
These Signatures are excluded by default and they can be added as mentioned in this document,
Operational Technology Security Service
The Signatures related to OT (Operation Technology) will be updated in both Application Control and Intrusion Prevention Profiles. To view the Signature database in Application Control profile, refer to the above document.
In the IPS Profile, the Signatures related to Operation Technology can be searched:
To know the list of Signatures of OT available in Application Control and IPS respectively, refer to the URLs below:
The logs for the same can be filtered from Application Control under Security Events -> Filter by IoT under Category.
Starting from v7.4.1, there is a Security Profile called Virtual Patch Security Profile which can be used in the Firewall Policy, and logs for the same will be available under Security Events. Refer to the document below for more information: Virtual Patching
