In a complex world of ever-evolving technologies, GE Vernova understands the importance of having an experienced industrial cybersecurity partner to help you safely secure your digital assets. Systems must be continually tuned, monitored, and managed—and many teams struggle to keep pace with all these ongoing demands. Establishing these security mechanisms doesn’t just take time, it takes expertise.
The reality is that implementing general purpose security platforms in OT environments can break business-critical plant operations.
Many decision makers face two highly unappealing scenarios:
But GE Vernova's cybersecurity solution offers a far more appealing alternative.
GE Vernova's cybersecurity solution delivers comprehensive security capabilities in a single, pre-integrated platform, enabling your organization to establish robust, defense-in-depth controls in plant environments.
The solution provides security controls and OT maintenance tools for GE and non-GE control networks. With GE Vernova's cybersecurity solution, you can leverage a full suite of security capabilities—without all the time, cost, and effort of procuring, testing, integrating, and deploying these disparate solutions independently.
GE Vernova’s cybersecurity solution helps collect, correlate, and forward security logs and events, and it presents this information to plant personnel in a highly usable format. The solution offers identity and password management capabilities for control-system environments. Additionally, the solution can be customized so that it aligns with your existing environment—including your security incident and event management (SIEM) platform, backup mechanisms, anti-virus technologies, log management platforms, and more:
Supports integration with a range of operating systems—including various versions of Linux, Windows, and UNIX.
Features close alignment with power generators’ OT environments—including GE and third-party equipment.
Automates patch deployments, configuration policy enforcement, configuration file backup, and more.
Delivers applications, services, hardware, and configurations that are pre-integrated, tested, and tuned.
Helps customers address near- and long-term needs, featuring a modular approach that enables scalability. Offers capabilities for feeding information into an enterprise security operations center (SOC); so, teams can efficiently manage an entire fleet. Supports flexible integration of new technologies.
With the application white-listing option, Windows-based devices have an improved security posture by reducing the risk and cost of malware, improving network stability and reliability.
This feature automatically identifies trusted software that is authorized to run on control system human-machine interfaces (HMIs) and prevents unknown or unwanted software.
Continuous threat monitoring and advanced logging intelligence that aims to give you deep, granular industrial control system (ICS) visibility via asset identification and asset configuration change detection.
By analyzing network traffic through deep packet inspection and fluent in over 42 of the native industrial protocols commonly found in ICS security, a baseline is constructed of normal operations, which is then used to detect anomalies.
Automatic, centralized backup and recovery of the process control domain saves time and cost by deploying a quick disaster recovery plan with minimal downtime.
All backup activities are logged and easily accessed for generating reports that conform with compliance reporting.
A data diode is a physical piece of hardware that acts as a unidirectional network communication device that facilitates a secure, one-direction transfer of data between networks.
Its design inherently creates a physical separation between the source and destination networks. Data diodes effectively eliminate all external points of entry to the sending system, thus preventing unauthorized users from gaining access to the protected network.
GE Vernova’s customizable network security option helps monitor and block malicious activity and attacks and provides continuous visibility of unusual activity and potential threats to the control system network. Stateful tracking of network traffic to allow approved communications between connected devices and the “outside” network.
Additionally, Next Generation Firewalls can inspect certain network traffic types to identify ports that may change during communications to demonstrate that traffic is permitted to flow (for example, FTP, TFTP). Next Generation Firewalls can perform additional checks on traffic—including application-level inspection and filtering of network traffic with exception.
Provides centralized control and management specific to the controls environment, enabling you to manage access to the industrial control system based on permissions. Benefits of RBAC include:
GE Vernova provides a scalable solution with both real-time and historic dashboard views of cyber activity—such as changes to switch configurations, failed login attempts, unauthorized port access, and USB usage. Operator cybersecurity dashboards include:
Multifactor Authentication (MFA)—sometimes called “two-factor authentication” or 2FA—is a security protocol that requires a user to present two pieces of evidence when logging into a given account or application.
Multi-factor authentication combines hardware-based authentication and public key cryptography to ensure strong authentication and eliminate account takeovers.
A zero-trust solution that safeguards against cyber risks—including insider threats—through its unique, browser-based hardened platform. Secure remote access technology provides a simple and secure access mechanism to critical assets by using: