Skip to content

OT Device Access Management

Excalibur can manage access to OT devices, focusing on the human-interactive protocols they commonly use.

Supported Protocols for Interactive Access

  • Web Interfaces — many modern OT devices (PLCs, HMIs, SCADA controllers) have browser-based interfaces. Excalibur can secure these.
  • SSH (Secure Shell) — common on advanced OT devices (RTUs, industrial routers) for secure command-line management. Excalibur supports SSH PAM Targets for these.
  • Telnet — while older devices might use Telnet, it is an insecure (unencrypted) protocol. Excalibur could potentially support it, but we strongly advise against its use due to security risks.

Unsupported Access Methods (by Design)

  • Programmatic Access (APIs) — protocols like REST APIs or Web Services are typically for server-to-device communication, not direct human interaction. Excalibur focuses on securing human access, so these are out of scope for direct PAM.
  • Physical Access (Serial Connections) — direct serial connections (RS-232/485) are physical access methods and are not applicable to Excalibur's remote access management capabilities.

Excalibur effectively manages access to OT devices through common interactive protocols like HTTP/S and SSH, aligning with standard Privileged Access Management practices.