In Manufacturing, it's common to think of Security as secondary to Productivity. This pushes employees to ignore cybersecurity policies, which are often seen as an obstacle to their job. At the same time, devices and machines are vulnerable to threats, configurations errors and obsolescence. This can lead to:
OT (Operation Technology) includes hardware and software devices that are used for the management and monitoring of industrial process systems. For example, ICS (Industrial Control Systems) and SCADA tools are part of it.
A network that includes this type of devices is called OT network, and it has only one priority: it must never stop.
For this reason the Cybersecurity IT approach, which consists of detecting and isolating threats within the perimeter, isn't desirable for OT networks, because it would cause a blockage of the production chain.
To protect an OT network two factors are necessary: Micro-segmentation and Segregation.
These strategies are designed to only allow the authorised network traffic required for production.
All other communications are blocked, preventing any kind of lateral movement in case of an asset compromission.
EDGE SDN works on two fundamental principles, provided by the ISO / IEC 62443 standard:
By implementing Security Zones and Conduits, it's possible to regulate traffic between OT devices, which is predictable by its nature and related to production commands, allowing only useful production traffic.
In this way, in case of a compromise of a Security Zone, lateral movements are prevented and business continuity is guaranteed.
The centralised console allows you to control the activities in the OT network and its security.
It's composed by a dashboard dedicated to IT Security Managers, which allows to create and manage Security Zones and Conduits, and a dashboard for OT Operators, dedicated to production support.
EDGE SDN is a solution that uses the capabilities of SDN Switches.
If your OT network is made by switches that don't have SDN, don't worry. We will provide you with the additional equipment you need, without having to replace the ones you already use.
EDGE SDN does not require additional devices (such as Firewalls), but ) because it works directly on the industrial switches present in the plant, using SDN.
The OT network, the infrastructure on which the data flows, prevents the movement of unknown traffic.
Only known and necessary communications are considered reliable, everything else is blocked and forwarded to in-depth analysis tools.
You cannot bypass the security of EDGE SDN by disconnecting cables, because the switches are needed for the factory network to work.
It prevents attackers from performing lateral movements, as only authorised operational communications are possible.
Thanks to asset segregation, production can continue even in the case of compromise
It achieves the security level required by ISO/IEC 62443 and NIST 800-82, with the use of conduits, Level 2 segmentation, threat identification, and Least Privileges.
Protect your OT network with EDGE SDN in an innovative and targeted way.
Don't apply IT Cyber Security solutions in OT networks: choose a solution designed for the needs of the industrial world.
Contact us to learn more: our Experts will help you improve the security of your OT network and ensure its business continuity with EDGE SDN.
Or call us