With growing international unrest and the looming threat of nation-state conflicts and cyberattacks, the growing demand for cybersecurity tools for OT & CPS can only be met by products that are powerful and easy to deploy, configure, and maintain. MetaDefender OT Security continues to deliver robust asset visibility, risk assessment, and policy enforcement built specifically for operational environments.
Our solution plays a key role in helping organizations detect, respond to, and remediate threats faster, as demonstrated in our recent blog on safeguarding Schneider Electric’s Modicon M241 PLCs from CVE-2025-2875. The vulnerability detection and mitigation strategies showcased highlight MetaDefender OT Security's real-time response capabilities against emerging ICS threats.
With v3.4.5, we focused on simplifying the user experience, strengthening security controls, and expanding deployment flexibility, ensuring that OT teams can operate with greater speed, precision, and confidence.
What’s New in This Release?
Single Installation File for All Deployment Options
Previously, deploying MetaDefender OT Security involved choosing between five different installation packages based on the deployment architecture (Enterprise, Site Manager, Sensor, etc.).
With v3.4.5, a single universal installer now supports all deployment roles. Whether you're setting up a small lab or rolling out across multiple sites, this reduces download time, simplifies version control, and ensures consistency across environments.
Why It Matters
- Quicker onboarding for customers and partners.
- Easier for IT/OT teams to replicate production scenarios in test environments.
- Less room for user error during installation and deployment.
Web-Based Initial Setup Configurations
Instead of relying on desktop-based configurations which requires local access to the deployed server, users can now perform entire initial setup tasks remotely via the web console, making the onboarding process faster, more intuitive, and less error-prone.
This includes configuring systems, network interfaces, connection settings, and enabling core services.
Why It Matters
- Greatly reduces the learning curve for new users.
- Speeds up testing and production deployments.
- Makes it easier to demo the product internally or to stakeholders.
Improved Network Connection Setup Across Components
Industrial networks often span multiple zones and require accurate communication between Enterprise, Site Manager, and Sensor nodes. In v3.4.5, the setup process now automatically verifies and optimizes inter-component connections, ensuring that sensors correctly report to their Site Manager and upstream Enterprise node.
What’s New
- Auto-validation of hostname/IP settings.
- Dynamic feedback on connection health.
Why It Matters
- Saves time during troubleshooting.
- Ideal for lab testing, where environments are spun up/down frequently.
- Better visibility into distributed deployments.
SSH Access Management: Simplified and More Controlled
In previous versions, SSH access had to be manually enabled and was time-limited, which could be inconvenient during long support or testing sessions. Now, SSH access is:
- Available for all components: Sensors, Site Managers and Enterprise Manager.
- Time-unrestricted.
- Controlled via a new setup step: “Enable SSH by users”.
This gives administrators secure, persistent remote access when needed, while maintaining strict access control policies.
Why It Matters
- Easier support and diagnostics during evaluation.
- Improved remote troubleshooting capability.
- Granular control over who can access which node.
Security, Integration, and Usability Enhancements
Vulnerability Fixes and Kernel Upgrade
The new release v3.4.5 includes:
- A kernel upgrade to 6.8.0-52-generic.
- Remediation of several package-level vulnerabilities.
This aligns the platform with the latest Linux security best practices and ensures continued compliance with stringent enterprise and industry standards.
API Enhancements for OEM partners and Integration Use Cases
We’ve introduced new API endpoints and improved performance for existing ones, making it easier for customers and OEM partners to:
- Query device and risk data.
- Apply firmware update to patch vulnerabilities of device.
- Automate deployments across custom infrastructure.
Why It Matters
- Improved integrations with SIEM, SOAR, and OEM dashboards.
- Enables customers to seamlessly integrate with their own asset management or ticketing systems.
- Enables OEM partners to easily leverage strengths of integrate MetaDefender OT Security’s advanced threat detection and asset visibility into their OT security solutions.
Previously Introduced in v3.4.4
- S7comm and S7commPlus Detection: Detect industrial assets communicating via Siemens protocols.
- Split Upgrade Packages: OS and app packages are decoupled for faster, safer upgrades.
- Flexible Purdue Level Assignment: Assign Purdue levels independent of device type.
- LDAP Integration & MFA: Enforce centralized access controls and strong authentication.
MetaDefender OT Security: OT Asset Discovery, Inventory, and Patch Management—Simplified
Designed for enterprise-scale deployments, MetaDefender OT Security provides unparalleled visibility into converged IT/OT operations, delivering deep situational awareness of threats throughout the network. while ensuring compliance with regulatory requirements.
Ready to upgrade? Contact us today to learn more about MetaDefender OT Security v3.4.5.
