Network Segmentation
Most Industrial Control Systems (ICS) are operated under condition where “if it works and not broke, no need to fix it”. Moreover, ICS requirements for operational high availability, introduce risks and make plant assets highly susceptible to attacks when connected to external devices, networks or internet.
This is becoming even more complicated and challenging when integrate ICS with enterprise systems for purpose of:
- Monitoring productivity;
- Coordinating production between sites;
- Migration from legacy Analog control systems to Digital control systems;
In order to lower operation costs and meeting compliance requirements.
Network Segmentation Challenge
ICS integrations with IT result in a threat vector beyond the original design parameters of most ICS devices. Failure to properly secure and isolate ICS from enterprise systems (and from each other) may result in the propagation of malware, compromise, or even destruction of assets. And the disruption to a manufacturing site or critical infrastructure can have significant consequences, ranging from lost productivity and revenue to lost life. There are various Challenges that Nation ...
Network Segmentation Solutions
The most efficient defensive strategy to integrate industrial control and IT systems, is the implementation of an ICS firewall with complete policies. In other words, the entire traffic has to be accounted for. This will help to control information flow and prevent traffic from lower security zones such as Demilitarized Zone (DMZ) or IT Enterprise Network (IT) from accessing the ICS network. It protects ICS network from the corporate network and vice versa. where the relat...
A Solution With Proven Track Record
One suggested Segmentation Solution with proven track record is to deploy Fortinet along with Nozomi systems. The robust Fortigate series designed for harsh ICS environment, enables the implementation of a functional and physical segmentation strategy for ICS industrial environments. Fo...
