Guided Onboarding

Breakwater's 6-step guided onboarding wizard gets new organizations up and running quickly. The wizard walks you through platform configuration, site setup, and initial network discovery — providing immediate value and security insights.

Onboarding Wizard Steps

Step 1: Welcome

Platform Overview and Introduction

  • Breakwater Capabilities: Overview of platform modules and features
  • Security Benefits: OT/ICS security value proposition and ROI
  • Expected Timeline: 15-30 minutes for complete setup
  • Support Resources: Links to documentation, tutorials, and help resources

The welcome step provides context for new users and sets expectations for the onboarding process.

Step 2: Organization

Company Information and Configuration

  • Company Name: Legal entity name for reports and branding
  • Industry Selection: Manufacturing, utilities, oil & gas, building automation
  • Company Size: Employee count and facility scale
  • Primary Contacts: Technical contact, security contact, billing contact
  • Compliance Requirements: IEC 62443, NERC CIP, NIST, custom standards

Organization information customizes the platform experience and enables industry-specific features.

Step 3: Site

First Facility Configuration

  • Site Name: Facility designation (Plant 1, Main Campus, Distribution Center)
  • Geographic Location: Address, timezone, regional settings
  • Facility Type: Production, distribution, office, data center
  • Estimated Device Count: Network size planning (50, 100, 500, 1000+ devices)
  • Network Segments: Production, office, DMZ, safety systems

Site configuration establishes the foundation for asset discovery and network monitoring.

Step 4: Gateway + Collector

On-Site Agent Deployment

The wizard generates deployment commands and provides multiple installation options:

Collector Token Generation

  • Unique Token: Site-specific authentication token for secure communication
  • Token Expiration: 30-day validity with automatic renewal capability
  • Security: Token-based authentication without storing credentials

Deployment Methods

Quick Install (curl)

curl -sSL https://install.breakwater.techgonecoastal.com/collector.sh | \
bash -s -- --token YOUR_COLLECTOR_TOKEN

Docker Deployment

docker run -d --name breakwater-collector \
--network host \
-e COLLECTOR_TOKEN=YOUR_COLLECTOR_TOKEN \
breakwater/collector:latest

Docker Compose

version: '3.8'
services:
  collector:
    image: breakwater/collector:latest
    environment:
      COLLECTOR_TOKEN: YOUR_COLLECTOR_TOKEN
    network_mode: host
    restart: unless-stopped

Air-Gapped Installation

  • Offline Package: Download installer for disconnected networks
  • Manual Configuration: Step-by-step setup for isolated environments
  • USB Transfer: Secure installation media creation
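
A more conservative way to run the Quick Install and Docker methods above, as an added example that is not part of Breakwater's documentation: stage the installer on disk before running it, keep the collector token off command lines, and refuse images that are not pinned by digest. The function names, file paths and digest pinning are assumptions; the installer URL, COLLECTOR_TOKEN variable and image name are the page's.

```sh
# Added example, not Breakwater tooling. Function names, file paths and digest
# pinning are assumptions; the URL, COLLECTOR_TOKEN variable and image name
# are taken from the page.
set -u
INSTALLER_URL="https://install.breakwater.techgonecoastal.com/collector.sh"

# Save the installer to disk instead of piping it into bash, so it can be read
# and hashed before it runs on a host inside the OT network.
stage_installer() {   # $1 = destination file
    curl --fail --silent --show-error --location --proto '=https' \
        -o "$1" "$INSTALLER_URL" || return 1
    sha256sum "$1"    # record the hash; compare it across hosts and reinstalls
}

# Read the token from stdin (never argv or shell history) and store it in an
# owner-only env file for `docker run --env-file`.
write_token_env() {   # $1 = env file to create
    token=""
    IFS= read -r token || true
    [ -n "$token" ] || { echo "empty token" >&2; return 1; }
    ( umask 077 && printf 'COLLECTOR_TOKEN=%s\n' "$token" > "$1" ) || return 1
    chmod 600 "$1"
    unset token
}

# Accept only digest-pinned references (name@sha256:<64 hex digits>), so a
# re-pushed :latest tag cannot silently change what the collector host runs.
is_pinned_image() {   # $1 = image reference
    case "$1" in *[!a-z0-9._/@:-]*) return 1 ;; esac
    printf '%s\n' "$1" | LC_ALL=C grep -Eq '^[a-z0-9._/-]+@sha256:[0-9a-f]{64}$'
}

# Same container as the page's `docker run`, but with the token supplied from
# the env file and the image pinned by digest.
run_collector() {     # $1 = pinned image reference, $2 = env file
    is_pinned_image "$1" || { echo "refusing unpinned image: $1" >&2; return 1; }
    docker run -d --name breakwater-collector --network host \
        --env-file "$2" "$1"
}
```

The token in the env file is still readable through `docker inspect` by anyone with Docker access on the collector host, so restrict membership of the docker group there.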

Step 5: Scan

Live Network Discovery

Real-time monitoring of the discovery process with immediate feedback:

Discovery Progress

  • Device Count: Live count of discovered devices
  • Protocol Detection: Real-time protocol identification (Modbus, EtherNet/IP, OPC UA)
  • Network Mapping: Visual representation of network topology
  • Performance Metrics: Discovery speed and network coverage

Live Discovery Feed

  • New Devices: Devices discovered in real-time
  • Device Classification: Automatic device type identification
  • Protocol Analysis: Communication patterns and service discovery
  • Security Observations: Default credentials, open services, vulnerabilities

Discovery Statistics

  • Total Devices: Complete device count across all network segments
  • Device Categories: PLCs, HMIs, network equipment, servers
  • Protocol Distribution: Percentage breakdown of industrial vs. IT protocols
  • Network Segments: Devices per VLAN, subnet, and security zone

Step 6: Wow

Security Insights and Risk Assessment

The final step presents immediate security value through comprehensive findings:

Discovery Summary

  • Total Assets: Complete count of discovered devices and systems
  • Device Categories: Breakdown by device type and function
  • Network Topology: Comprehensive view of network architecture
  • Protocol Inventory: Complete list of detected industrial protocols

Security Findings

  • CVE Count: Known vulnerabilities across discovered devices
  • Critical Vulnerabilities: High-severity issues requiring immediate attention
  • Default Credentials: Devices using factory default usernames/passwords
  • Expired Certificates: SSL/TLS certificates past expiration

Risk Quantification

  • Overall Risk Score: Numerical risk assessment (1-100 scale)
  • Risk Categories: High, medium, low risk device classifications
  • Business Impact: Potential operational and financial impact
  • Remediation Priority: Prioritized list of security improvements

Immediate Actions

  • Quick Wins: Easy security improvements with high impact
  • Critical Issues: Urgent security issues requiring immediate attention
  • Long-Term Projects: Strategic security initiatives and improvements
  • Compliance Gaps: Areas needing attention for regulatory compliance

Wizard Features

Skip and Resume Capability

  • Flexible Progress: Skip steps and return later
  • Save State: Wizard progress automatically saved
  • Resume Anytime: Continue from any completed step
  • Multiple Sessions: Complete onboarding across multiple sessions

Users can start the wizard, deploy collectors, and return hours or days later to review discovery results.

Demo Scan Simulation

For evaluation and training purposes, a demo scan simulation is available:

  • Sample Data: Pre-loaded discovery results from representative OT environments
  • Industry Examples: Manufacturing, utilities, building automation scenarios
  • Realistic Findings: Authentic security issues and device inventories
  • No Infrastructure Required: Experience Breakwater without network deployment

Post-Onboarding Next Steps

Immediate Actions

  1. Review Critical Vulnerabilities: Address high-severity security issues
  2. Update Default Credentials: Change factory default passwords
  3. Certificate Management: Plan certificate renewals and upgrades
  4. Network Segmentation: Implement security zones and access controls

Platform Exploration

  1. Helm Visualization: Explore network topology and device relationships
  2. Manifest Management: Review and enhance asset inventory
  3. Lookout Monitoring: Configure vulnerability and threat monitoring
  4. Channel Access: Set up secure remote access if needed

Advanced Configuration

  1. User Management: Add team members and configure role-based access
  2. Report Scheduling: Set up automated security reports
  3. Alert Configuration: Customize monitoring and notification preferences
  4. Integration Setup: Connect with existing security and management tools

Support During Onboarding

Built-In Help

  • Contextual Tips: Step-specific guidance and best practices
  • Documentation Links: Direct links to relevant documentation sections
  • Video Tutorials: Embedded video guides for complex procedures
  • FAQ Integration: Common questions and answers within each step

Live Support

  • Chat Support: Real-time assistance during business hours
  • Screen Sharing: Remote assistance for complex deployments
  • Phone Support: Direct phone contact for urgent issues
  • Email Support: Detailed technical assistance via email

Community Resources

  • User Forums: Community discussion and peer support
  • Knowledge Base: Comprehensive articles and troubleshooting guides
  • Best Practices: Industry-specific implementation guidance
  • Case Studies: Real-world deployment examples and lessons learned

The guided onboarding ensures new Breakwater users achieve immediate value while building the foundation for comprehensive OT security monitoring and management.