Explore the Discovery Sensor for OT
Summary of Discovery Sensor for OT
The Discovery Sensor for OT enhances the scanning and querying capabilities to efficiently manage assets within operational technology (OT) environments. It integrates with the Discovery Console for OT, providing centralized control and monitoring of sensors deployed across the OT network.
Sensor Management and Configuration
Through the Discovery Console for OT, customers can access a comprehensive Sensors list that displays all sensors linked to the console. This list is prioritized by sensor status, configuration status, and sensor name to help quickly identify sensors needing attention.
Selecting a sensor reveals detailed Sensor Information, organized into tabs:
- Basic: Shows key sensor details such as name, type, serial number, firmware version, and location data (latitude, longitude, description).
- Network: Provides network configuration details including console endpoint IP, sensor gateway IP, management interface settings (IP, subnet, VLAN), span interface for network traffic capture, and Ethernet interfaces with MAC addresses.
- Services: Enables toggling of sensor services like SSH and Web Management, both critical for secure communication and management. SSH is enabled by default but can be disabled to comply with OT security policies.
- Services Config: Manages Log Streaming and Web Management services. Log Streaming sends sensor logs to the Discovery Console, where they are retained for 30 days, aiding in troubleshooting. Customers can set log severity levels, with Debug recommended unless bandwidth is limited. Web Management Service passwords can be reset here.
- Sites: Displays site associations for the sensor during auto-query operations, showing allow/deny status and recommendations based on IP network matching.
- Status: Indicates sensor connectivity and deployment status across configurations, policies, firmware updates, and security modes.
Sensor Actions
The Actions menu provides essential operational commands:
- Deregister Sensor: Removes the sensor from the console and resets it to factory defaults.
- Enable Bypass Mode: Allows traffic to bypass the sensor as needed.
- Reboot Sensor: Restarts the sensor device.
- Remove Sensor from Console: Available for sensors with lost connections.
- Additional options include viewing allowlists, data streams, and health overviews.
Next Steps
To begin deploying and configuring the Discovery Sensor for OT, customers should proceed with the installation guide titled Configure the Discovery Sensor for OT. This will provide detailed setup instructions to fully leverage sensor capabilities in the OT environment.
The Discovery Sensor for OT provides you with enhanced scanning and query functionality to manage your assets in the OT environment.
Discovery Sensor for Operational Technology (OT) overview
This section provides an overview of the Discovery Sensor for OT and its integration with the Discovery Console for OT. For detailed functionality and configuration, refer to Discovery Console for OT.
Sensors page on the Discovery Console for OT
The Sensors list displays all sensors that are associated with a Discovery Console for OT. To view the Sensors page, select the Sensors link in the Main Menu. Then select Sensors from the drop-down list to display the list of sensors. For monitoring purposes, the list is sorted first by Sensor Status, next by Configuration Status, and then by Sensor Name so that users can quickly find a sensor that needs attention.
Sensor Information
The Sensor Information page shows configuration and status information for the Sensor you select. In the Sensor List page, select the name of a Sensor to view its information. Each tab on the Sensor Information page is detailed in the next sections.
Most Sensors have similar configuration settings; however, each type of Sensor has different settings available based on their capabilities. These differences are described in the sections below.
Basic
Displays the basic configuration information for a Sensor. This includes the Sensor Name, Sensor Type, Serial Number, Firmware Version, and user definable location information that includes fields for the Latitude, Longitude, and Location Description for the Sensor.
Network
- Console Endpoint – Shows the IP address of the Discovery Console for OT that the Sensor is configured to use.
- Sensor Gateway – Shows the IP address assigned to the Sensor that is used to route traffic between networks.
- Management Interface – Connects the Sensor to an out-of-band network for communication with the Discovery Console for OT.
  - Management Endpoint: Sets the IP address for the Sensor which it uses to communicate with the Discovery Console for OT.
  - Management Subnet: Sets the subnet mask/Classless Inter-Domain Routing (CIDR) for the Sensor's communication with the Discovery Console for OT.
  - (Optional) Management VLAN: Specifies the VLAN identifier that the management interface will use to tag network communications for participation in VLAN segregated networks.
- Span Interface: When enabled, allows the Sensor to enter a mode where it can collect all network traffic received on the ETHERNET 1 port. This allows the IDS to collect data from the network. When inactive, the Sensor can't perform any data collection.
- Ethernet Interfaces: Lists all Ethernet Interfaces for the Sensor. The list includes the Interface name and the MAC Address for each one.
Services
Allows you to configure specific services that run on a Sensor. Currently, the user can use this feature to enable or disable the SSH service on a Sensor. Select the Edit button and then select the toggle to turn the SSH service on or off. Under that are the Status and Updated On fields for the SSH service. Similarly, this page also allows users to enable or disable the Web Management service (see the Sensor Management Interface section for details) and view the corresponding Status and Updated On fields. The SSH service is enabled by default on all Sensors to facilitate post-installation configuration and may be disabled if necessary to match OT network security policies.
Services Config
Includes the Log Streaming Service and the Web Management Service. The Log Streaming Service can be used to stream logs from Sensors to the Discovery Console for OT. The Log Streaming Service also provides the ability to retain logged information for a longer time and may result in quicker customer issue resolution.
To enable the Log Streaming service for a specific Sensor, turn it on using the Log Streaming toggle in the Services section of that Sensor. Next, navigate to the Services Config section and select the log severity. The user may select the minimum log severity to include in the streaming for each Sensor. Selecting Debug will result in the most information being logged. We recommend enabling this feature with Debug as the selected severity level unless the system is operating in a bandwidth-constrained environment. Select Save to make the changes permanent or select Cancel to undo.
The data streamed is not viewable in the Console UI. The Console only provides the ability to enable or disable the service and set the log severity level. Streamed log information is retained on the Console for 30 days.
The Web Management Service feature can be used to reset the password for the Web Management Service on the Sensor. To reset the password, click Edit, type a password into the edit field, enter it in the Confirm Password field, and click Save. Below the Confirm Password field are the Status and Updated On fields, which provide information about the Web Management Service on the Sensor.
Sites
The Sites tab displays which Sites are associated with the selected Sensor during an Auto Query. The Allow/Deny setting indicates whether the Sensor is associated with the particular Site. The tab also displays the Site name, what setting is recommended for that Site, and the reason for the recommendation. A Deny recommendation means the Site does not appear to be related to the Sensor. An Allow recommendation means the Site’s network ranges match the Device IP. Allow can also mean the Site allows All Sensors.
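The recommendation rule described above can be reproduced offline to review Site associations, for example to spot a Sensor that is set to Allow on a Site whose ranges do not contain its IP. The following is an added example, not product code: the dictionary fields (`network_ranges`, `allow_all_sensors`, `setting`), the sample addresses, and the reason strings are assumptions constructed for illustration, and the product's actual matching logic may differ in detail.

```python
import ipaddress

def recommend(device_ip, site):
    """Return (recommendation, reason) for one Site using the documented rule:
    Allow if the Site allows All Sensors or one of its network ranges
    contains the Device IP; otherwise Deny."""
    if site.get("allow_all_sensors"):
        return "Allow", "Site allows All Sensors"
    ip = ipaddress.ip_address(device_ip)
    for cidr in site.get("network_ranges", []):
        # strict=False tolerates ranges written with host bits set (10.20.30.5/24)
        net = ipaddress.ip_network(cidr, strict=False)
        if ip.version == net.version and ip in net:
            return "Allow", f"Device IP {ip} is within {net}"
    return "Deny", "No Site network range contains the Device IP"

def review(device_ip, sites):
    """List Sites whose current Allow/Deny setting differs from the recommendation."""
    findings = []
    for site in sites:
        rec, reason = recommend(device_ip, site)
        if site["setting"] != rec:
            findings.append((site["name"], site["setting"], rec, reason))
    return findings

# Constructed sample data (hypothetical field names and values)
SENSOR_IP = "10.20.30.15"
SITES = [
    {"name": "Plant-A", "network_ranges": ["10.20.30.0/24"], "setting": "Allow"},
    {"name": "Plant-B", "network_ranges": ["192.168.50.0/24", "10.99.0.0/16"],
     "setting": "Allow"},
    {"name": "Corporate", "network_ranges": [], "allow_all_sensors": True,
     "setting": "Deny"},
]

if __name__ == "__main__":
    for name, setting, rec, reason in review(SENSOR_IP, SITES):
        print(f"{name}: set to {setting}, recommended {rec} ({reason})")
```
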
Status
Shows the connection status of the Sensor, including the deployment status for basic configuration, network configuration, arpwatch network configuration, allowlist configuration, policy, firmware updates, and security bypass mode updates.
Actions
The Actions menu in the top right corner of the Sensor Information page provides links to several actions related to the Sensor. These actions include Deregister Sensor, Enable Bypass Mode, Reboot Sensor, Remove Sensor from Console (only for Sensors with Connection Lost status), View Allowlist, View Data Streams, and View Health Overview. The Actions list includes:
- Deregister Device – This setting deregisters the Sensor from the Console. This action resets the network settings to factory defaults and removes the Sensor from the Console.
- Reboot Device – This setting reboots the Sensor.
What to do next
To get started with the installation of the Discovery Sensor for OT, see Configure the Discovery Sensor for OT.