Connect@Plant

Connect@Plant enables the customer to control threats and manage risks connected to remote access, through one dashboard. 

The solution gives external vendors secure access to onshore and offshore installations to perform maintenance and changes on ICS/PCSS systems – designed for the oil and gas industry and compliant with the recommendations in the NORSOK standards and OLF/NOG104 guidelines.

Connect@Plant provides optimal security through its segregation of networks and services, advanced tools for preventing unwanted access or malware, and tools for monitoring all access and network traffic (SIEM).

Through a comprehensive dashboard, the customer is in full control of all access granted, and real-time connections to Industrial Control Systems (ICS). 

The Connect@Plant Security hub consists of several key technologies to secure the operation:

• Web based management
• Dynamic firewall rules with identity awareness  
• Deep monitoring with IPS and Qradar
• Malware and malicious code scanning
• Work Permit Engine with integration API
• Endpoint Control - Anti-virus and Windows updates verification on connecting client 
• Secure File Transfer with threat emulation  
• User authentication with two-factor and one-time password  
• All traffic encrypted
• Access only with a valid work permit  
• Map users' qualifications and skills  
• Dynamic roles  
• Easy overview for work permit planning  
• Self-service for user administration, qualifications and systems  
• All network and user activity is logged  
• All changes to servers are logged  
• SSL, Split-VPN and Full-VPN support
• Delivered as a product with regular product updates

An integrated work permit database triggers automated procedures that grant access as requested by the Customer’s Connect@Plant operator. The work permit database can be integrated with the Customer’s existing maintenance system, or used stand-alone.

The Connect@Plant Portal offers an integrated endpoint analysis tool. The endpoint analysis will verify the connecting computers system updates and Antivirus software, ensuring that the client connecting is free from malware. The portal uses two-factor login, with a separate passcode sent to the user's mobile or e-mail.  

After a successful login, the user will be taken to a security hub and presented with a dashboard with the qualified systems. The customer will send mouse and keyboard input and receive a visual presentation of remote plant systems.

With no valid work permit, access to applications through the firewall will be disabled.  Enabling a work permit will open access for a given time slot.

Traditionally, firewalls use IP addresses to monitor traffic and are often unaware of the user and computer identities behind the IP addresses. Identity Awareness removes this notion of anonymity by mapping users and computer identities, enforcing you to access and audit data based on users’ identity.

Threat Emulation

ThreatCloud Emulation Service prevents infections from undiscovered exploits, zero-day and targeted attacks. This innovative solution quickly inspects files and runs them in a virtual sandbox to discover malicious behavior. Discovered malware is prevented from entering the protected network. Connect@Plant uses Threat Emulation on files uploaded through the File Transfer service. 

SIEM – Security Information and Event Management

IBM Security QRadar SIEM is a network and security management platform that provides situational awareness and compliance support. IBM QRadar is used as SIEM solution for integrating security information and event management, log collection, correlation and anomaly detection. Access for third parties is possible to provide external analysis.

The Connect@Plant solution can integrate with customers’ existing maintenance system, training portal and infrastructure.