P3KI CrossGUARD AM

P3KI CrossGUARD AM enables efficient personalized access management in OT environments without compromising network perimeter security.

  1. Reduce workloads by over 90%
    Fully automated renewal workflow.
    Critical operations requiring person-in-the-loop accessible via easy to use graphical user interface.
  2. Reduce risk exposure by over 10x
    CrossGUARD AM enables automatic phase-out of accounts, configurable from monthly down to next-day cleanup.
    All operations performed logged for audit purposes.
  3. Ensure regulatory compliance
    CrossGUARD AM fulfills requirements for personalized access control as outlined by IEC 62443, GMP, NIS2, ISO 27001, and many more regulatory works.
  4. Scale securely, easily
    CrossGUARD AM enables you to centrally manage multiple plants (OT environments).
    Per-plant, individual permission mapping.
    Fully integrity protected data exchange for both account data and application configurations.

Pre-requisites

  • Centrally managed account system in place (e.g. using Microsoft Active Directory)
  • DCS supporting a local directory service (e.g. Microsoft Active Directory)
  • We any support available data transport method
    • Cross air-gap using secured removable media (e.g. USB drive)
    • One-way communication via data diode
    • Controlled data turntable solution
    • Restricted and controlled network connection (e.g. PAP gateway)

CrossGUARD tool family

There is more to CrossGUARD to complement your setup!

  • CrossGUARD PAC
    for enabling seamless physical access control (building and equipment level)
  • CrossGUARD AAC
    for efficient and instant account-less workorder permission management
  • CrossGUARD SSI
    to seamlessly integrate your suppliers into efficient identity verification workflows.