How Logitek Implements Internal Network Defense.
Internal network defense is one of the main steps to solve in order to implement an in-depth defense strategy for ICS OT assets. This is how we do it at Logitek.
The internal network defense is one of the main steps to solve in order to implement an in-depth defense strategy of the ICS OT assets.
In the “Internal Network” layer we must focus on protecting all the ICS OT networks of our facilities to guarantee correct and expected operation, an important point when industrial networks are intended to be deterministic.
The protection mechanisms of internal networks must contemplate the following lines of fortification:
- Secure network architecture with high levels of availability, segmentation and scalability.
- Network electronics with capabilities to control access to the network.
- High monitoring of the network infrastructure to be able to react quickly to a network infrastructure failure.
- High monitoring and profiling of network traffic to detect anomalous communications within the network.
These mechanisms must be sufficiently robust to guarantee:
- High resilience to physical failures of network electronics.
- High capabilities of intrusion detection or strange behavior within the network.
- High fault detection capabilities of hardware or communication links.
- Ability to implement network access controls.
Logitek implements network defense with different technologies such as:
- Industrial network electronics, customizable and with capabilities to implement highly redundant networks with security and access control capabilities.
- Data diodes for the segmentation of especially critical areas within ICS OT environments.
- DPI Firewalls for securing assets that use insecure industrial protocols, such as ModBUS-TCP.
- Industrial firewalls for the segmentation of the different industrial subzones.
- Monitoring systems based on SNMP for infrastructure supervision.
- Network traffic analysis systems for the creation of baseline equipment behaviors and anomaly detection.
In case of not having monitoring tools, Logitek recommends carrying out internal network audits on a periodic format to verify the correct deployment of a secure network architecture, the correct access control and that the network traffic is what it should be.
You may also be interested in:
Other in-depth defense links:
- Defense-in-depth strategy in industrial cybersecurity.
- How Logitek Implements Perimeter Defense.
- Defense in depth.
- How Logitek Implements Equipment Defense.
- How Logitek Implements Data Defense.
For more information, do not hesitate to contact us
