Best Practices and Technologies to Increase the Security and Availability of Industrial Control Networks

Industrial networks (in which PLCs, industrial protocols, SCADA systems, HMI, MES, hubs, switches, routers, firewalls, etc.) converge are characterized as systems in which it is necessary to:

• Ensure the availability, integrity, and confidentiality of the equipment and communications that take place within them.
• Consider the specific latencies of each process, including real-time management in many cases.
• Optimize recovery times in the event of a failure.

To achieve this, there are best practices and specific technologies that help to optimize, fortify, and increase the security (availability, integrity, and confidentiality) of these networks. The following can be highlighted:

1. Conducting network audits (non-invasive) to analyze and understand the current state of your traffic and the existing visibility between different network segments.
2. Identifying specific vulnerabilities associated with real-time systems.
3. The physical and logical segmentation of OT networks and fortification through DPI (Deep Packet Inspection) firewalls of critical areas and/or the application of regulations such as IEC 62443/ISA99.
4. Simulating typical attacks (MitM, password cracking, injections into industrial protocols, denial of service) to observe the behavior of the network in the face of a specific security incident (as long as it is a controlled environment or laboratory).
5. Using specific media and protocols (RSTP, MRP, VRRP, etc.) to design redundant network topologies.
6. Incorporating non-invasive intrusion detection systems, based on behavior or signatures (depending on the criticality of the system)

With the purpose of understanding this relationship of best practices and technologies in more detail, at Logitek we have designed a Hands-on Lab to increase the security and availability of industrial control networks that, through a combination of practical sessions, theory, and discussion workshops, pursues the following objectives:

1. Understand the main problems and vulnerabilities associated with industrial networks.
2. Know and use the main tools that allow diagnosing the state of an industrial network.
3. Delve into what types of architectures can be deployed to obtain more available and secure networks.
4. Carry out practices with devices and technologies that allow increasing the security of industrial networks.
5. Outline recommendations to optimize, fortify, and increase the security of the client’s industrial control networks.

If you want to know in more detail the scope of these On-Demand practical sessions that we carry out in your own facilities, access here.