Case Study: Major U.S. Water Utility achieves full passive OT visibility with Armis

Water Utility Gains Passive Visibility into OT Assets Without Affecting Sensitive Devices

Major U.S. Water Utility, a regional provider serving millions of residential, business, and municipal customers, needed a nonintrusive way to gain visibility into its sensitive OT environment without disrupting water operations. The utility’s small IT/security team had avoided scanning OT devices because many assets were sensitive to active discovery, yet it still needed better asset visibility, vulnerability prioritization, and lower operational risk. To address this, the utility turned to Armis, using passive monitoring and traffic visibility in combination with Gigamon.

Armis deployed with Gigamon TAPS gave the utility full passive visibility into OT assets and the network traffic traversing both IT and OT environments, without affecting sensitive devices. The team quickly discovered more than 1,000 previously unseen devices and improved vulnerability management with prioritized lists of potentially affected assets. Armis also helped uncover suspicious DNS lookups and provided integrations across firewalls, VPN, MFA, virtualization, identity, endpoint protection, and wireless controllers, strengthening the utility’s overall security posture and saving a highly leveraged team significant time.