Frequently Asked Questions
Your Questions, Answered
Welcome to our FAQ section. Here, we have compiled answers to the most common questions about Nautilus OT, our solutions, and how we help businesses enhance their cybersecurity. If you do not find what you are looking for, feel free to reach out. We are happy to help.
General Information
What does the product do?
Nautilus OT software empowers organizations to strengthen the cybersecurity of operational and industrial environments. By offering real-time asset visibility, proactive threat detection, and insight into their cyberrisk posture, it enables the protection of critical infrastructure and identification of vulnerabilities. Additionally, Nautilus OT brings cybersecurity awareness to the board or executives through clear andĀ actionable executive reporting, ensuring robust and secure OT networkĀ operations.
What kind of returns can we expect by preventing cyber incidents with your solution?
The threat landscape for especially OT/ICS infrastructure has changed dramatically in the last 3 to 4 years to a massively higher risk profile for such environments. Preventing cyber incidents can lead to substantial cost savings by avoiding direct costs such as ransom payments, legal fees, and regulatory fines, as well as indirect costs like lost revenue, reputational
damage, and recovery expenses. Our solution brings assets discovery, early threat detection and rapid response, minimizing these risks.
Can I buy this via my existing OT services partner?
Please contact us so we can bring you in touch with a service partner near you. We are open to discuss adding partners to our extensive partner list.
Do you offer a free trial?
Due to the nature of the product there is no free trial version available. We do offer for a fee an offline remote analysis of a network packet capture file
(PCAP).
Is cybersecurity consulting included?
Consulting services via partner client activation support packs to assist you with installations are available.
What problems does it solve? What make Nautilus stand out?
Nautilus OT software was purpose-built to address the unique challenges ofĀ securing industrial and operational environments, overcoming the
limitations of traditional IT security solutions. Key problems it solvesĀ include:
1. Limited cybersecurity boardroom awareness
Nautilus empowers executives and boards with clear, actionable executiveĀ reporting, raising awareness of cybersecurity risks and fostering informedĀ decision-making.
2. Limited Asset Visibility: OT networks often contain numerousĀ unmanaged and undocumented devices. Nautilus provides completeĀ visibility of all connected assets, helping to create a secure, well-mapped network.
3. Vulnerability to Cyber Threats: Many OT systems lack adequateĀ security measures, leaving them exposed to ransomware, malware,Ā and other cyber threats. Nautilus continuously monitors for suspiciousĀ activity and detects vulnerabilities to reduce the risk of potentialĀ breaches.
4. Lack of Incident Response Capabilities: Traditional incident responseĀ solutions donāt always fit OT networks. Nautilus offers tailoredĀ response tools to contain and mitigate threats in real time, minimizingĀ damage to critical operations.
5. Complex Compliance Requirements: Industrial organizations faceĀ stringent regulations such as NERC CIP, NIS2, and IEC 62443.Ā Nautilus simplifies compliance through detailed reporting and audit
logs, ensuring organizations meet regulatory standards efficiently.
What are the initial and ongoing costs associated with implementing and maintaining your solution?
Our licensing model is fully based on a monthly flexible model whichĀ charges only for network ports that are active in the billing month. TheĀ only one-time costs are for optional deployment support (we have affordableĀ support packs) and hardware costs if you choose to deploy one of our highĀ performing hardware-based sensor device(s). We also provide a virtualizedĀ sensor device at no additional costs in which case you must provision andĀ maintain the minimum required network, compute and storage resources.Ongoing costs cover monthly license fees.
Who is this product intended for?
Nautilus OT is designed for organisations operating in sectors where the convergence of IT and OT poses unique cybersecurity challenges. With a
focus on safeguarding your infrastructure and enhancing visibility, Nautilus OT addresses the cybersecurity needs of sectors such as:
1. Energy and Utilities: Power plants, electrical grids, water treatment
facilities, and gas pipelines that need to secure their networks from cyber threats and ensure uninterrupted service.Ā
2. Manufacturing: Factories, assembly lines, and processing plants that depend on interconnected machinery and automation, which are increasingly targeted by cyberattacks.
3. Oil and Gas: Refineries, drilling platforms, and pipeline networks that require robust security to prevent disruptions in highly sensitive, hazardous environments.
4. Transportation and Logistics: Railways, airports, and seaports, where OT systems manage operations that are critical for the movement of goods and people.
5. Healthcare and Pharmaceuticals: Facilities that rely on OT devices and systems for essential processes like medical device management, lab
automation, and production of pharmaceuticals.
6. Building Management Systems (BMS): Organizations with complex building operations, such as data centers and smart buildings, where OT
controls HVAC, lighting, and security systems. By focusing on these sectors, Nautilus OT helps safeguard vital operations and protects against disruptions that can impact public safety, productivity, and the environment.
How does your solution handle incident management and response?
Our solution creates and manages issues for follow-up on detectedĀ anomalies, ensuring that no threat goes unaddressed and that all incidentsĀ are thoroughly investigated and resolved. It provides automated alerts andĀ tools for managing and mitigating threats, ensuring swift and effective response. We have integrations with well know incident-management tools.
What financial risks are mitigated by using your solution, particularly in terms of cyber security threats?
Our solution mitigates financial risks by preventing costly cyber-attacks, reducing the likelihood of regulatory fines due to non-compliance, and minimizing operational downtime. Additional savings come from reduced incident response costs and lower operational disruptions. This enhances the overall security posture leading to long-term financial benefits.
What are the long-term benefits of implementing your solution in terms of business continuity and operational efficiency?
Long-term benefits include a significant reduction in potential operational disruptions due to cyber incidents, compliance with evolving regulatory requirements, and enhanced operational efficiency through continuous monitoring and proactive threat management. Our platformās scalability supports business growth and technological advancements, ensuring ongoing protection.
How does Nautilus differentiate itself from competitors in the Cyber Security Market?
Nautilus sets itself apart with an accessible price point, a hybrid solution combining local sensors and a secure European-based analysis platform, and strict EU data sovereignty compliance. Leveraging AI and Machine Learning, our platform delivers real-time threat detection and actionable, easy-to-understand executive reporting tailored for strategic decision-making, ensuring both security and clarity for our clients.
How scalable is your solution for large-scale deployments across multiple sites?
Our hybrid cloud solution is highly scalable, supporting both small and large-scale deployments across multiple sites. It securely holds data from all locations, displaying it by site and in aggregate for comprehensive visibility. The platform easily integrates additional sensors and data points as your organization grows, ensuring consistent and seamless security coverage without compromising performance.
What are the primary security protocols and standards supported by your solution?
Our solution supports a wide range of security protocols, including Modbus, BACnet, MQTT, Siemens S7, CIP, IP, OPC, SCADA, and Profinet, ensuring comprehensive security coverage across diverse OT and IoT environments. With an open architecture and deep packet inspection capabilities, additional protocols can be easily added as needed.
Features and Usage
What are the main features?
Nautilus OT is built to improve visibility and streamline threat detection in OT environments where traditional IT security solutions may fall short. Signature features are:
Asset Discovery and Management
1. Provides detailed visibility into all assets across the OT network.
2. Identifies and catalogs all devices, including those with unique protocols in industrial environments.
3. Helps create an accurate inventory to understand the full scope of OT infrastructure.
Network Monitoring and Threat Detection
1. Monitors OT network traffic in real-time for unusual behaviour.
2. Detects threats such as malware, unauthorized access, and suspicious communication.
3. Uses anomaly detection, behavioural analysis, and pattern recognition to identify potential attacks.
Vulnerability Management
1. Scans OT assets for known vulnerabilities and configuration issues.
2. Provides insights on risks related to outdated software, firmware, and other weaknesses.
3. Offers guidance on remediation steps to mitigate identified risks.
Compliance and Reporting
1. Assists in meeting compliance requirements for standards like NIST, NIS2, IEC 62443, and ISO 27001.
2. Generates reports on asset inventory, vulnerabilities, and network security status.
3. Provides audit logs and documentation for regulatory and internal reporting needs.
User-friendly Dashboard and Visualization
1. Offers a centralized dashboard with a clear overview of the OT environmentās security posture.
2. Provides visualization tools to map network topology and track data flow across assets.
Allows users to drill down into specific assets or threats for more detailed information.
How does your solution support risk management for CFOs?
Next to providing in-depth technical threat information, Financial Risk management is a key part of our solution. In quantifying the Cyber risk in your OT/ICS environment we add an important dimension to your overall business risk posture. Our comprehensive risk assessments and real-time analytics, provide the insights you need to evaluate and manage potential threats effectively. These insights translate into critical metrics such as Risk Appetite, Annualized Loss Expectancy (ALE) and Annualized Rate of Occurrence (ARO), which are invaluable for financial reporting. By using these metrics, it empowers you to make informed decisions and maintain financial stability while mitigating cyber threats.
Do you provide a real-time dashboard?
Yes, each client gets a fully separated instance with only their own data and will have 24/7 access to the dashboards which are hosted in our central EU-based environment.Ā The network scanning runs continuously, and information is being updated upon new findings.
Can I adjust settings to meet my needs?
Yes, the Nautilus platform allows you to customize various settings to meet your specific needs. You can adjust business parameters, such as yearly revenue for accurate ALE (Annualized Loss Expectancy) calculations. Additionally, you can assign values to individual assets, configure risk levels, customize report formats, and set alert thresholds. These options ensure the platform aligns with your operational priorities and risk management goals.
How does your solution enhance our financial reporting and audit processes, particularly concerning cyber security?
Our solution delivers detailed, customizable reports that align with financial reporting and audit requirements. These reports provide valuable insights into your organisationās cybersecurity posture, compliance status, and associated financial risks. Additionally, our tooling leverages quantifiable data and proprietary algorithms to calculate your organisationās risk posture, offering metrics that can be seamlessly integrated into financial reporting processes.
Licensing, Subscriptions, Charges
What licensing options are available?
Aligned with our focus to serve small to mid-sized businesses, we decided to keep it simple: we offer ONE flexible model: a monthly subscription with a charging model for active assets only. So, you only pay for what has been active
Is charging fixed or variable?
This depends on your choices. We have very affordable setup support packs which accelerate your deployment to just a few hours. These packs have a one-time fee.
In additions our model requires at least 1 sensor device in your network. If you select our high-performance physical sensor, the device(s) must be purchased for a one-time fee at contract start. After secure activation, the sensor device then starts scanning the network. Each unique IP address then is counted. Each month your invoice will be based on IP address actuals.
How can I renew my license?
This is the easy part: license renewal is automatic and per month. As a result you can stop your subscription per month as well (no alternation).
What happens if my subscription expires?
Our subscription model is based on a monthly model with a commitment for the first 12 months. Extension is automatic, but you can stop your subscription at any point. We will then decommission the SaaS component that we have set up for your organization.
In case you purchased one of our hardware sensors, we can unload the local Nautilus software for you. You then can repurpose the hardware.
What payment options do you offer for your solution?
Our billing is invoice based on a monthly schedule with a specification of the unique IP addresses monitored, which allows for scalability and flexibility in service costs. Additionally, we provide installation packs to facilitate the initial setup process. Our terms include a 14-day net payment policy, designed to accommodate your financial planning, ensuring that you can manage cash flow effectively while benefiting from our cybersecurity solutions. We currently have no credit card option.
Installation and Configuration
How do I install the software?
The software operates with one or more sensors which are deployed inside your OT/ICS network(s). Each sensor then communicates with the central SaaS environment instance which is separately created for each client. Multiple sensors can be combined within one client SaaS environment.
Sensor setup in your local ICS/OT network is straightforward. There are 2 deployment models:
Hardware Sensor Setup
When choosing for the hardware sensor, you receive the pre-installed sensorbox via our logistics channel. You then perform the racking & stacking of the device inside your infrastructure and have it connected to a desired SPAN port on a network switch.
Via the customer portal you then initiate the secure connection to the central SaaS component, and you are Up & Running!
Virtualized Sensor Setup
In this case the logistics and rack&stack steps are replaced by downloading the personalized image from the client portal page that we create for you. You then install the VMware image (or for other hypervisor) and activate the required network port on the host, connected that with a SPAN port and initiate the secure connection to the SaaS component with all management and dashboard functions.
Does Nautilus also provide OVA or VMDK files?
Yes we have a virtualized scanner available for you (OVA format) which alike our hardware sensor must be installed within the local infrastructure. This virtual machine has all the functionality of our hardware-based sensor. But of course, it is missing out on the hardware optimized features like AI coprocessor or optimized network cards up to 25Gbps.
What are the system requirements?
Physical Sensor box
For our physical appliance there are no other requirements than power, rack space and a network cable link to a SPAN port on a switch or a Data Tap device. Power and rack space are typical for a 1U optimized rackserver. For connection to the SPAN port or a Data Tap we do support connections of 1, 10 and even 25Gbps out of the box
Virtualized Sensor box
For our virtualized environment you must reserve the required compute and storage and assign dedicated networking. As a start you should be able to assign8-16 virtual cores and 250GB of fast (SSD) storage. Ā The network port for the virtual machine must not be shared and the link speed must match the SPAN port speed to prevent package loss.
Is cybersecurity consulting included?
We offer attractive remote support setup packages for a guided initial deployment. This also includes a preparation call, the use of our preparation templates and assistance with connecting the scanner to the SaaS component. With this approach you can be up and running with our software within just a few hours. Other consulting is part of our additional consulting services and priced at hourly rate in our pricelist.
Security Updates and Patches
How frequently are updates released?
This depends on the type of updates to be applied:
- High or Critical security updates are released as priority updated immediately after passing our internal quality gate
- Medium to low security updates is bundled in a monthly update pack
- Functional updates are released on a quarterly basis
How are updates and/or security patches applied?
Saas environment:
Patches and fixes for the SaaS component are published and applied in alignment with our development sprints
Local sensor environment
All security patches, application fixes and feature updates are published via the customer portal. Depending on the choices made during set up in the configuration of the sensor, these can be applied (1) automatically via remote triggering or (2) manual by downloading and execution of the install script. The second method requires action by a local client technician.
How do I stay informed about new threats?
The sensors have automated updates of threat information from public feeds. As option we can add additional paid feed subscriptions to further refine detection of specific issues.
When are Nautilus updates released?
Nautilus regular updates are released on a quarterly basis, withinĀ three weeksĀ after the end of a quarter. Priority updates are released as soon as they have the passed the quality gate of the Nautilus development team.
Integration and Compatibility
How does your solution align with and support our companyās overall digital transformation strategy?
Nautilus supports digital transformation by securing interconnected digital environments crucial to Industry 4.0. Our proactive approach to cyber security ensures that as your company adopts new technologies, the associated risks are effectively managed.
What partnerships or collaborations do you have that can enhance the value of your solution?
We collaborate with leading technology providers and cyber security experts, including integrations with platforms like ServiceNow, TOPdesk, and Microsoft Sentinel, to enhance our solutionās capabilities. These partnerships allow us to integrate the latest advancements and best practices into our platform, ensuring top-tier protection for our clients.
What services can I expect from my integration partner?
Integration partners in the Nautilus ecosystem use Nautilus software as a foundational element of their value propositions to you. On top of our software, they typically offer great expertise in adjacent security process or areas or have deep knowledge of your industry.
They all share the quality that their services further enhance your security posture.
Does Nautilus offer a partner program?
Yes, Nautilus has a comprehensive partner program designed to support collaboration. Our program is tailored to help partners integrate our advanced cybersecurity solutions into their service offerings. This includes access to specialized training, marketing support, and competitive pricing models. The goal is to empower our partners to effectively market and deploy our solutions.
How does your solution integrate with our existing security infrastructure and systems?
Our solution is designed for seamless integration (via API) with existing security infrastructures, including SIEM systems, firewalls, and other cyber security tools. We provide APIs with various incident management systems and support for custom integrations to ensure compatibility and smooth operation.
Are there any additional costs for integrating your solution with our existing systems and technologies?
There are no additional license costs for integrating our base solution. Depending on the complexity and additional requirements we do offer integration services and installation packs to support you with your installation and activation, if so required.
Support ā Training ā Documentation
What should I do if I have connectivity issues?
After you have established that your network and external connections are all working OK, but the Sensor does still not communicate with your SaaS instance you can enter a support ticket in the Client portal. In the rare case that the client portal is not available, you cand send a support request via email to hello@nautilus-ot.com
If the sensor seems disconnect from the SPAN port, please consult your in-house network engineer first
How do I resolve errors or bugs?
In the client portal we maintain a FAQ list which can answer many of your questions. If no resolution can be found, you can raise a support ticket in the same client portal
Are tutorials or guides available?
Yes, we have background information available in the client portal for online reading and in downloadable pdf format.
Where can I learn more about cybersecurity best practices
There are many excellent resources available online to deepen your understanding of cybersecurity best practices, particularly for OT/ICS environments. Below, weāve listed some of the most reliable sources we often recommend. However, please note that this is not an exhaustive listāthereās much more valuable information available across the web.
If youāre looking for hands-on support or tailored advice, we encourage you to explore our partner listing where youāll find a wealth of expertise and practical experience.
Recommended Resources:
A hub for cybersecurity knowledge, events, and practical tools specifically geared towards industrial environments.
Search for āOT/ICSā to find guidance tailored to securing operational technology systems.
Practical advice on compliance with NIS2 regulations for critical infrastructure organisations.
Comprehensive resources and reports on OT/ICS cybersecurity across Europe.
An authoritative guide to operational technology security frameworks and best practices.
Informative and easy-to-follow videos explaining OT and cybersecurity concepts.
How can I contact technical support?
The easiest way is to open a support ticket in the Nautilus client portal. In case you cannot reach the portal, please send us email to hello@nautilus-ot.com . Please add in the subject the words ārequest for supportā to help speed up our response.
What about the set up
See section āInstallation and configurationā
How long will Nautilus support the sensor devices and its operating system?
The Nautilus sensor devices are selected on a serviceability of at least 4 years after purchase. The software running on top of the Sensorās OS+Hardware is serviced and supported on ongoing basis This is covered by the monthly Nautilus subscription fees.
Privacy and Data Protection
How do you ensure the security and privacy of data collected and analysed by your platform?
Due to its nature, our solution does not process any Sensitive Personal Information. Still, we adhere to stringent data protection standards, ensuring all data collected and analysed is encrypted and stored securely within our European-managed data centers, with no reliance on Big Tech infrastructures, thus providing added security and peace of mind to our clients. Access is restricted to authorized personnel, and regular security audits are conducted to maintain the highest level of data privacy and compliance with EU regulations.
How does your solution ensure data integrity and prevent unauthorized access?
We use advanced AES256 encryption and access control mechanisms to ensure data integrity and prevent unauthorized access. Regular audits and continuous monitoring further enhance the security and integrity of your data. Your data is hosted on our own hardware in a European data center, fully operated and owned by a European entity.
What specific threats does your solution detect and mitigate, particularly in OT and IoT environments?
Our solution offers passive asset discovery, enabling the identification and cataloguing of network assets and vulnerabilities without causing operational disruptions. This ensures minimal impact on critical systems while providing full visibility.
Key features include:
- Real-Time Threat Detection: Monitors and identifies threats such as ransomware, malware, unauthorized access, and suspicious network activity.
- Network Anomaly Detection: Identifies unusual patterns or behaviours across OT and IoT environments that may indicate security breaches or misconfigurations.
- Vulnerability Identification: Detects outdated firmware, misconfigurations, and other exploitable weaknesses in devices and systems.
- Executive Reporting: Delivers actionable insights to executives, helping them understand cyber risk posture and prioritise mitigation efforts.
- Compliance Support: Provides audit logs and reports that streamline adherence to regulatory frameworks like NIS2 and IEC 62443.
This comprehensive approach ensures enhanced visibility, detection of a wide range of threats, and operational continuity in even the most complex OT and IoT environments.
How does Nautilus enhance monitoring and real-time response capabilities for clients?
Nautilus provides a sophisticated real-time dashboard designed to give clients full operational oversight, whether they are managing a single site or multiple locations. Each client benefits from a dedicated, secure instance hosted on EU-based servers, offering 24/7 access to aggregated data across all sites.
Key features include:
- Centralised Monitoring: A unified dashboard consolidates data from all connected sites, enabling seamless oversight and eliminating the complexity of managing separate systems.
- Ongoing Network Scanning: Continuous scans and real-time updates ensure clients receive timely, actionable insights into new findings or anomalies.
- Site-Specific Drill-Downs: The ability to explore individual site data in detail allows for efficient management and targeted responses to site-specific issues.
- Operational Consistency: By integrating multi-site data into a single platform, clients can streamline security measures, ensure uniformity across locations, and enhance overall operational efficiency.
This holistic approach simplifies complex management tasks and empowers clients with the tools to make strategic, informed decisions while maintaining robust security and operational continuity.
How does Nautilus maintain a secure environment?
Nautilus appliances connect to a secured cloud-based platform, where the data is processed and analyzed. The cloud-platform is European managed, hosted and owned. Your data travels safely through the use of secure tunnels between the on-premise appliances and the on-line solution we offer. The platform is designed to provide real-time threat detection and actionable insights, ensuring the security and resilience of your OT/IoT environments. Our solution is built to meet the needs of critical infrastructure and process industries, providing robust security and peace of mind.
How do I get started?
Getting started with Nautilus is simple. Our team will work with you to understand your needs and provide a tailored solution. We offer a range of deployment options, from on-premises to cloud-based, and our team will guide you through the process. We also offer a range of training and support services to ensure you get the most out of your investment.
What is the cost of your solution?
The cost of our solution depends on your specific needs and the scale of your deployment. We offer a range of pricing options to suit different budgets and requirements. Our team will work with you to understand your needs and provide a tailored solution that meets your budget and delivers the security and peace of mind you need.
How do I know if your solution is right for me?
Our solution is designed to meet the needs of critical infrastructure and process industries, providing robust security and peace of mind. Our team will work with you to understand your specific needs and provide a tailored solution that meets your requirements.
Can the Nautilus platform be branded for our organization?
Yes, the Nautilus platform can be branded to align with your organisationās identity. Key options include:
- Branding: Customizing the platform interface with your companyās logo, colours, and other visual elements to ensure consistency with your corporate identity.
- Custom Reports: Tailoring report formats and content to meet your organisationās specific compliance and operational requirements.
Does the Nautilus platform support multiple languages?
Yes, the Nautilus platform supports multiple languages, ensuring accessibility and ease of use for global teams.
