This question was originally posted on DCIM Support by Paul Bartholomew on 2019-06-10
Hi
I have an email from a customer that has DCE and DCO, and is about to deploy some protection software by Carbon Black. He has some questions about the whitelisting function regarding our software. Can anyone shed any light on the subject. I have pasted his email below:
At the future point in time when Application Whitelisting agents are deployed to the Woodside OT fleet, the software you supply/support will need to be added to a whitelist to ensure its continued operation.
At this stage we're not seeking any involvement from your organisation on the OT Cyber Resiliency Project, other than we would like you to:
(CID:144867993)
Solved! Go to Solution.
This answer was originally posted on DCIM Support by Steven Marchetti on 2019-06-10
Hi Paul,
I don't understand enough about the application itself to provide a precise answer. If as I imagine this is a software installed on the operating system to monitor it like an anti-virus, it can not be installed on StruxureWare DCE. DCE is a "Black Box" and nothing can be installed on the system. Although I don't have enough info on DCO, I would imagine it would potentially cause issues there as well. Additionally, if there is something trying to connect to the systems, there is little to no info that can be obtained. There is also no "white-listing" available on the system for applications
If you have more specific info on how this "Carbon Black" may operate and what it needs or does, perhaps we can provide a more specific answer.
Steve
(CID:144868100)
This answer was originally posted on DCIM Support by Steven Marchetti on 2019-06-10
Hi Paul,
I don't understand enough about the application itself to provide a precise answer. If as I imagine this is a software installed on the operating system to monitor it like an anti-virus, it can not be installed on StruxureWare DCE. DCE is a "Black Box" and nothing can be installed on the system. Although I don't have enough info on DCO, I would imagine it would potentially cause issues there as well. Additionally, if there is something trying to connect to the systems, there is little to no info that can be obtained. There is also no "white-listing" available on the system for applications
If you have more specific info on how this "Carbon Black" may operate and what it needs or does, perhaps we can provide a more specific answer.
Steve
(CID:144868100)
This comment was originally posted on DCIM Support by Paul Bartholomew on 2019-06-11
Hi Steve
Thanks for your reply
Yeah, I pretty much replied the same thing to the customer so I leave it with them for now. I suggested that if their security software allows them to white-list manually that they should allow DCE and DCO, if it is set through some sort of global database, then they need to apply to the developers to allow specific software (the same way anti-virus databases work). I let them know that they are java apps and that the relevant JRE will be required to run also.
I guess ultimately its up to them to configure the white list, and our software like any other software can be allowed or disallowed.
(CID:144868290)
This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.
Discuss challenges in energy and automation with 30,000+ experts and peers.
Find answers in 10,000+ support articles to help solve your product and business challenges.
Find peer based solutions to your questions. Provide answers for fellow community members!