Infrastructure monitoring tool for collecting industrial process control and automation system risk data
Abstract
This disclosure provides an infrastructure monitoring tool, and related systems and methods, for collecting industrial process control and automation system risk data, and other data. A method includes discovering multiple devices in a computing system by a risk manager system. The method includes grouping the multiple devices into multiple security zones by the risk manager system. The method includes, for each security zone, causing one or more devices in that security zone to provide information to the risk manager system identifying alerts and events associated with the one or more devices. The method includes storing the information, by the risk manager system, in association with unique identifier values, the unique identifier values identifying different types of information.
23 Claims
1. A method comprising:
discovering multiple devices in a computing system by a risk manager system;
grouping the multiple devices into multiple security zones by the risk manager system;
for each security zone, causing one or more devices in that security zone to provide information to the risk manager system identifying alerts and events associated with the one or more devices according to configuration data sent to the one or more devices by the risk manager system, wherein the configuration data defines the alerts and events to be provided by the one or more devices and include a management pack that defines data characterization and can be executed by one or more devices to translate the alerts and events into the information provided to the risk manager system, said management pack configured for each category with a unique configuration identifier for each type of data to be collected;
storing the information, by the risk manager system, in association with unique identifier values, the unique identifier values identifying different types of information.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8)

9. A risk manager system comprising:
a controller; and
a display;
wherein the controller is configured to:
discover multiple devices in a computing system;
group the multiple devices into multiple security zones;
for each security zone, cause one or more devices in that security zone to provide information identifying alerts and events associated with the one or more devices according to configuration data sent to the one or more devices by the controller, wherein the configuration data defines the alerts and events to be provided by the one or more devices and include a management pack that defines data characterization and can be executed by one or more devices to translate the alerts and events into the information provided to the risk manager system, said management pack configured for each category with a unique configuration identifier for each type of data to be collected; and
store the information in association with unique identifier values, the unique identifier values identifying different types of information.
(Dependent claims: 10, 11, 12, 13, 14, 15, 16)

17. A non-transitory machine-readable medium encoded with executable instructions that, when executed, cause one or more processors of a risk manager system to:
discover multiple devices in a computing system;
group the multiple devices into multiple security zones;
for each security zone, cause one or more devices in that security zone to provide information identifying alerts and events associated with the one or more devices according to configuration data sent to the one or more devices by the risk manager system, wherein the configuration data defines the alerts and events to be provided by the one or more devices and include a management pack that defines data characterization and can be executed by one or more devices to translate the alerts and events into the information provided to the risk manager system, said management pack configured for each category with a unique configuration identifier for each type of data to be collected; and
store the information in association with unique identifier values, the unique identifier values identifying different types of information.
(Dependent claims: 18, 19, 20, 21, 22, 23)

Specification