Guides
Log In
Guides

Asset and Network Traffic Visibility

Overview

Secure Remote Access (SRA) is enhanced through full visibility into OT network assets and their communication patterns. This capability introduces passive, agentless discovery that integrates with the network management plane, enabling continuous asset identification and traffic analysis without impacting OT environments.

At the core of this feature is the Fabric Controller, a new Cyolo component that connects to Cisco switches to collect telemetry and build a real-time view of network activity.

This visibility allows you to:

  • Maintain an up-to-date inventory of OT assets
  • Understand which assets communicate with each other and over which protocols
  • Identify remote access traffic that bypasses Cyolo
  • Detect potential policy gaps and unauthorized access paths

This foundation will support future OT segmentation capabilities.

Key Components

Fabric Controller:
A Cyolo component that connects to Cisco switches, collects passive telemetry, and forwards enriched asset and traffic data to the Cyolo platform.

Network Elements (Cisco switches):
Provide traffic telemetry used for passive asset discovery and connection mapping.

Asset Inventory:
Automatically generated and continuously updated list of discovered devices in the OT environment.

Connection Visibility:
Detailed mapping of communication flows between assets, including protocols and interaction patterns.

How It Works

  1. You install Fabric Controller on the netweok with the Assets for which you want to gain visibility.
  2. From the Cyolo admin panel you add a Fabric Controller.
  3. The Fabric Controller connects to onboarded Assets (Cisco switches).
  4. Switches provide passive telemetry about network traffic.
  5. The Fabric Controller analyzes this data to:
    • Discover assets (devices) on the network
    • Identify communication flows between assets
  6. The platform presents asset inventory and connection insights in the UI.

This process is fully passive and does not require scanning, probing, or network traversal.

Use Cases

  • Validate SRA enforcement by identifying traffic that does not pass through Cyolo
  • Detect unauthorized communication paths between OT assets
  • Gain visibility into unmanaged or unknown devices
  • Prepare for segmentation by understanding real traffic flows and dependencies

Notes

  • This feature is fully passive and safe for sensitive OT environments.
  • No agents, scanning, or active probing are required.
  • Initial release supports Cisco switch integration.