Views:
OT Application Safeguard is an industrial-based change control protection. This feature ensures the StellarProtect-recognized OT applications to be updated without being blocked or restricted. In addition, users can enable OT application protection to secure recognized OT application executable binary files.
Note:

Upon launch, StellarProtect will auto-detect currently-installed OT applications and put them under protection. The recognized OT applications will be shown on the General Info tab page.

  1. Click the Agents tab in the top navigation bar of the StellarOne web console.
  2. Click the All group on the Agents screen. The Agents screen displays a list of agents managed by StellarOne.
  3. Navigate to the target agent or agent group and click the Policy icon under the Actions header.
  4. The General Info screen appears. Check the OT Applications automatically recognized by the StellarProtect agent.
    Note:

    Be sure to enable the Maintenance Mode before installing new OT applications. After the installation process completes, disable the Maintenance Mode and then StellarProtect will auto re-scan the newly-added OT applications. Any new applications found will be added into the OT Application Safeguard list. Please refer to Configure Maintenance Mode for how to enable this function.

  5. Users can also manually add the installation path for the application into the Safeguard’s protection list.

    1. Click the Policy tab and scroll down and find the OT Application Safeguard at the left side of the screen.

    2. Make sure the OT Application Safeguard toggle is switched on.

    3. Click File/Folder, and then a pop-up window appears.

    4. Click the +Add button, and then select Folder or File and specify the folder or file path in the corresponding text fields.

      Note:

      By default StellarProtect will only protect the PE files (.exe and .dll) under the selected folder and its subfolder(s).

    5. (Optional) If users want to protect all files inside the selected folder, please uncheck the Executable files only.

      Tip:

      By unchecking the Executable files only option, users can prevent their own secret files, configurations, or other files under the selected folder from being modified.

    6. Click Add to complete the setting.

  6. Users can also add user-defined processes.

    1. Go to Policy > OT Application Safeguard, and then click the Authorized Processes option.

    2. A pop-up window appears. Click the +Add button, and then specify the authorized processes in the corresponding text fields.

      Important:

      By adding the authorized process, users may set other applications to be trusted and change the protected files/folders previousely defined as well as the PE files for OT applications detected by agents. Please note if any malicious file has been set into the authorized process, StellarProtect cannot prevent this file from modifying the OT applications since it has been already excluded from the StellarProtect’s monitoring process. Make sure the user-defined authorized process is safe before adding it.

    3. Click Add to complete the setting.

Parent topic: Policy Settings for StellarProtect