Operational Technology Network Map
The Operational Technology (OT) Network Map is an interactive map that visualizes your OT network through connected nodes.
OT Network Map overview
The OT Network Map provides a real‑time and accurate representation of your OT environment by modeling subnets and device‑to‑device connections across your industrial network. This visual map helps you understand how OT devices are connected and how data flows between them.
With this visibility, you can analyze the impact of network changes, identify connectivity risks, and make informed operational and security decisions. It enables faster troubleshooting, improves risk awareness, and provides better visibility into complex OT network relationships. It helps you move from reactive troubleshooting to proactive decision‑making across your industrial environment.
You can access the OT Network Map by navigating to Equipment Model Manager in the Industrial Workspace and selecting a site.
The following image is an example of the network map in its default state.
Node map representation
The node at the center of the network map represents your equipment model entity site. Connected to the site, you can see the nodes that represent the site's subnets. On each subnet node, there's a number indicating how many OT devices exist within that subnet. When you select the device number on the subnet node, the network map expands to show all the device nodes within the subnet.
- Subnet name
- Number of critical devices
- Total number of OT devices
- Managed Network name, if available
- Device name
- Device type
- Criticality status
The device node also contains an option to view its device-to-device connections. For more information about device-to-device connections, see OT device related items and related lists and View and edit device to device connections.
When the OT Network Map Cache Handler scheduled job runs and the Refreshed at field in the map is updated with the new refresh time. For more information about the scheduled job, see Run the OT Network Map Cache Handler scheduled job.
Populating the map
To populate the OT Network Map, you must run the OT Network Map Cache Handler scheduled job. For more information about the scheduled job, see Run the OT Network Map Cache Handler scheduled job.
- IP Address [cmdb_ci_ip_address]
- OT Discovered Subnet [sn_ot_discovered_subnet]
Map legend
The OT Network Map contains a legend that describes the visual components of the map and their meaning. The legend covers the relationship lines between nodes, the different nodes you may see in your network, and the device node
criticality. The following image shows the map legend made available by selecting the Legend
icon from node map control panel in the top-right corner.
Map filters
| Filter | Description |
|---|---|
| Class | The name of the assigned class for the OT device. |
| Criticality | The measure of the relative risk to the site process due to failure of the device. |
| Manufacturer | The device manufacturer. |
| Purdue level | The assigned Purdue level. Ranges 0–5. |
| Discovery source | The Discovery source for the OT device data. |
Roles required
You must be assigned both the cmdb_ot_isa_viewer role and cmdb_ot_viewer role.
Limitations of the network map
- Subnets without any configuration items (CIs) don't show up in the network map.
- CIs that aren’t part of any subnet don't show up in the network map.
- For a site with more than 10K CIs, only 10K CIs are considered in the OT network map calculations.