Quite a lot. Both editions:

  • Visualize a map of nodes and their network interaction allowing you to monitor connection to the network in real time.
  • Support deep packet inspection (DPI) of a wide range of industrial and common network protocols to the application layer.
  • Detect incidents in ICSs and provide tools for incident management.
  • Can detect network connections over protocols for which DPI is complicated or is not required for ICS security.
  • Can operate in learning mode when the system remembers all network nodes and connections and creates incidents for network anomalies after learning is completed.
  • Allow you to authorize network connections if they are acceptable, in order not to create incidents when such connections are detected.
  • Allow exporting a list of events, incidents, and nodes in CSV format.