Ticking the feature boxes
- Asset management
- Anomaly detection and response
- Security management
- Network-based security
- Identity and access management (IAM)
- Near endpoint-based security
- Supported through specialist OT security consulting, integration and managed services
Splice's radical design approach gives 100% visibility of OT traffic, allowing for unique features such as:
- Vulnerability shielding
- API strenghtening
- Secure remote access
- Virtual network level patching
- Black box flight recorder
- Cloud capability
The Splice controller is the heart of the solution. Security for site cloaks and OT devices behind these cloaks are managed from the controller. This is also the consolidation point for the overlay network as well as the point where access policies are enforced, traffic inspected and authentication offloading occur.
The controller can be deployed as either a virtual appliance or a redundant hardware appliance (with High Availability). If VM infrastructure is not available or high security (independant of the VM host environment) is a requirement, the hardware appliance option is preferred.
Splice Alt-path Controller
For high availability a second controller is deployed in the environment. Cloaks establish multiple logical paths to both the primary and alt-path controllers. If a link failure is detected, traffic is routed through the alt-path controller.
Splice cloaks are available in various form factors, suitable for geographically distributed applications, harsh environmental conditions, high density OT sites and low density OT sites.
Dual brain cloaks are optional. These cloaks have independant processors and magnetic relays. In case of a failure of one of the brains (or the underlay network supporting the brain), the primary brain releases access to the OT network in favour of the secondary brain.
Dual brain cloaks with alt-path controller setup provides for up to 16 redundant (always active) logical paths between OT devices, improving network reliability and redundancy in the process.
Cloaks are also available as low resource virtual devices for integration points with IT infrastructure that is already virtualised and requires access into the OT network.
Cloaks make use of normal network infrastructure for obtaining an IP address, DNS and gateway settings.
Splice Machine Learning / AI Engine
Machine Learning and AI algoriths are offloaded to an out of band device in order to keep intensive compute resources from impacting the overlay network. This is a separate add-on to the Splice solution.