Introduction to OT-BASE Asset Discovery

OT-BASE Asset Discovery is a product component that is installed independently from the OT-BASE Asset Center. Whereas Asset Center usually sits in the Enterprise network, Asset Discovery is usually placed in the process networks. Its purpose is to automatically discover the identity and configuration of your OT and IT devices.

We refer to an individual instance of Asset Discovery as a discovery node.

OT-BASE Asset Discovery can discover and monitor multiple networks both locally and remote, however more than one Asset Discovery node is usually installed. For example, different sites may (and should) all report to one central OT-BASE Asset Center. The number of Asset Discovery nodes that you install completely depends on practicality and has no impact on license fees. In multi-site deployments, it is not rare to see several hundred Asset Discovery nodes working in concert -- like a discovery swarm.

OT-BASE Asset Center will never try to connect to Asset Discovery, which makes it easy to keep your process networks protected from the Enterprise network -- for example by using firewalls, data diodes, and DMZs. All data traffic between Asset Discovery and Asset Center is upstream only, originating from Asset Discovery.

System requirements

OT-BASE Asset Discovery runs on Windows 7 and higher. For Windows 7, the following requirements must be met:

• SP1 installed
• KB3033929 installed (Driver signature support for Npcap)
• KB2533623 or monthly KB4457144 installed (Python multiprocessing support)
• Microsoft Visual C++ 2015 Redistributable installed (api-ms-win-crt-runtime-l1-1-0.dll needed).

The amount of memory that is needed mostly depends on the number of devices that are probed by the node. If this number is low, such as a couple hundred endpoints, you will barely notice Asset Discovery consuming memory, and the probing will often be completed within a couple of minutes, if not seconds. On the other end of the spectrum, there are installations where one discovery node probes many thousand endpoints, which will then require a dedicated machine with a decent amount of RAM (16+ GB).

Asset Discovery software architecture

OT-BASE Asset Discovery itself consists of two components:

• a Windows service that does the actual network probing
• a Windows front-end application for configuring the service.

The service implementation makes sure that Asset Discovery continues running even when nobody is logged on to the computer on which the software executes, which is important because automatic transfer of asset data usually takes place at night.

The configuration front-end

The discovery service does nothing on its own before it is configured. This is usually done using the configuration client. The configuration client lets you fine-tune probing options for various networks and devices, and it also provides immediate feedback if your probing is configured properly, because it will show a subset of discovery results right away.

Centralized management application

If you are running dozens or hundreds of Asset Discovery nodes, managing each node individually by RDP'ing to the node's configuration client is not an option. This is where OT-BASE Discovery Manager comes in, the centralized management application for OT-BASE Asset Discovery.

REST API for programmatic orchestration

Besides OT-BASE Discovery Manager there is another means of changing the configuration of OT-BASE Asset Discovery nodes. You can do configuration changes programmatically via a REST API, which means that no admin has to sit in front of a computer screen and has to type in every single configuration change.