Maxim_Kazmin - Fotolia

Sentryo acquisition to bolster Cisco IIoT security

Cisco plans to acquire industrial security firm Sentryo. The acquisition would add network visibility, anomaly detection and real-time threat detection to the Cisco IIoT portfolio.

Cisco plans to acquire Sentryo, a maker of industrial IoT security technology that Cisco will combine with its products to help customers lock down industrial control systems.

Cisco said this week it expects to close the purchase of Sentryo, based in Lyon, France, by the end of October. Cisco did not release financial details but said the acquisition would bolster industrial control system (ICS) security in the Cisco IIoT portfolio.

The acquisition reflects the market demand for systems that secure components of ICSes. Many of those devices, such as programmable logic controllers and remote terminal units, do not have security mechanisms capable of fending off modern-day hackers.

Cisco said it plans to acquire Sentryo to address those problems. Sentryo's ICS CyberVision product provides customers with visibility into their operational technology (OT) networks to help spot threats.

ICS CyberVision provides that visibility through sensors that collect data from network communications to identify assets across an OT network, even if it's geographically dispersed, Gartner said in a recent industrial security report. The product also analyzes the information to provide anomaly detection and real-time threat detection.

ICS CyberVision software can run on Cisco IOx environments, which are a combination of the company's IOS network operating system and the Linux operating system for running IoT applications, Gartner said. ICS CyberVision customers can deploy the product in most OT networks because of partnerships Sentryo has with all the leading automation equipment vendors.

Sentryo ICS CyberVision in Cisco IIoT

Cisco plans to integrate the intelligence from ICS CyberVision into their DNA Center, a network management software console, and Identity Services Engine, an enforcer of security and access policies. That will let IT teams create and distribute policies that define communications for groups of devices, while also instructing network components to take specific actions to isolate devices operating abnormally.

"A management and security platform that's integrated in some way with Cisco's network management solutions makes a lot of sense from an M&A [merger & acquisition] standpoint," said Shamus McGillicuddy, an analyst at Enterprise Management Associates (EMA), based in Boulder, Colo.

In a blog, Liz Centoni, general manager for IoT at Cisco, said the integration between Sentryo and Cisco technologies would "allow OT teams to leverage the IT security team's expertise to secure their environments, without risk to the operational processes."

During a keynote at the RSA Conference in March, Centoni said security would become the "bridge" between IT teams responsible for protecting networks and OT teams accountable for keeping production lines running.

That bridge is already under construction. EMA research has shown that network teams are sometimes asked to troubleshoot IoT device problems and that security is "a major issue in all aspects of the network teams' involvement with IoT, from planning to operations," McGillicuddy said.

Dig Deeper on Network security

Unified Communications
Mobile Computing
Data Center