Versions Compared

Old Version 1

changes.mady.by.user Miguel Lauriano

Saved on

compared with

New Version Current

changes.mady.by.user Aparna Rr

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

It is designed to meet the unique security needs of OT environments. This includes protecting system availability, understanding OT-specific protocols, and blocking attacks targeting the legacy systems commonly used in OT environments.

 Device Information

 Entity

Particulars

Vendor Name

Tenable

Product Name

Operational Technology 

Type of Device

Hosted

Collection Method

Log Type

 Ingestion label

Preferred Logging Protocol - Format

Log collection method

 Tenable OT

 TENABLE_OT

 Syslog - CEF

CyberHub

Port Requirements

Source

Destination

Port

 Tenable OT

CyberHub

601 (TCP)

To facilitate secure communication and align with our best practice, we strongly encourage the use of Transport Layer Security (TLS) between your security devices and our Adaptive MxDR platform for event forwarding.

...

In some cases, the upgraded version of the device might incorporate TLS support without prior notice. If you come across such a scenario or for further assistance in configuring TLS, we kindly ask you to reach out to your dedicated Adaptive MxDR Service Delivery Lead.

Device Configuration

The following procedure describes how to To set up a Syslog Server using the Management Console UI.

  1. In the Management Console UI, under Local Settings, go navigate to Servers > Syslog Serversscreen

...

  1. Click + Add Syslog Server. The Syslog Servers configuration window is displayed

...

...

  1. In the Server Namefield, enter the name of a Syslog Server (CyberHub) to be used for logging system events.

  2. In the Hostname/IPfield, enter a host name or an IP address of the CyberHub

  3. In the Portfield, enter the port number (TCP: 601)

  4. In the Transportfield, select from the dropdown list the transport protocol to be used. Choose TCP.

  5. If you would like to send a test message to verify that the configuration was successful, click Send Test Message, and check if the message has arrived.

  6. Click Save

The above setting does not include forwarding of system logs.

To configure the system to send System Events to a Syslog server, follow below steps:

  1. Go Navigate to the Local Settings > System Log screen

  2. In the header bar, click on Select syslog sever.
    A dropdown , displays a list of servers is displayed.

  3. Select the desired server which we created earlier.

...

Parameters required from customer for Integration.

Property

Default Value

Description

IP Address

 Tenable OT interface IP address

Hostname or IP address of the device which forwards logs to the CyberHub