OT Systems Segmentation

Goal

  • Understand the OT environment (network infrastructure, devices and their connections, especially in geographically dispersed environments)
  • Understand data flow within the OT environment and with the corporate (IT) network
  • Protect critical OT assets from threats originating in IT and external networks
  • Redesign the network into separate areas (security zones) to control data flow and minimize exposure to attacks

OT Assets Identification

  • The OT asset identification step should consist of automatic and manual discovery of assets and the data associated with them.
  • Asset identification output: asset data including protocols used, type of device, vendor, IP address, MAC address, operating system, open ports, etc.

Data Analysis

  • Data analysis should include categorization, classification and correlation of assets.
  • Assets are divided into zones, layers and segments, and the required connection channels between IT and OT are identified and designed.
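
An added example (not part of the original page) of the data analysis step: it assigns a constructed asset inventory to zones and collapses observed flows into zone-to-zone connection channels. The zone names, the device-type mapping, the sample data and the rule that direct IT-to-OT channels are redesign candidates are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed inventory using fields from the asset identification output.
ASSETS = [
    {"ip": "10.10.1.5", "type": "plc", "protocols": ["modbus"], "open_ports": [502]},
    {"ip": "10.10.1.20", "type": "hmi", "protocols": ["modbus"], "open_ports": [3389]},
    {"ip": "10.10.2.10", "type": "historian", "protocols": ["https"], "open_ports": [443]},
    {"ip": "192.168.5.40", "type": "workstation", "protocols": ["https"], "open_ports": []},
]
# Assumed zone model; a real project derives this from the classification work.
ZONE_BY_TYPE = {"plc": "control", "hmi": "supervisory",
                "historian": "ot-dmz", "workstation": "corporate-it"}
OT_ZONES = {"control", "supervisory"}
# Constructed observed flows: (source IP, destination IP, destination port).
FLOWS = [
    ("10.10.1.20", "10.10.1.5", 502),
    ("10.10.2.10", "10.10.1.5", 502),
    ("192.168.5.40", "10.10.2.10", 443),
    ("192.168.5.40", "10.10.1.5", 502),   # corporate host talking to a PLC
    ("10.10.1.99", "10.10.1.5", 44818),   # source missing from the inventory
]

def assign_zones(assets, zone_by_type=ZONE_BY_TYPE):
    """Map each asset IP to a zone; unmapped device types need manual review."""
    return {a["ip"]: zone_by_type.get(a["type"], "unclassified") for a in assets}

def derive_conduits(flows, zone_of):
    """Collapse host-level flows into zone-to-zone channels and their ports."""
    conduits = defaultdict(set)
    for src, dst, port in flows:
        sz, dz = zone_of.get(src, "unknown"), zone_of.get(dst, "unknown")
        if sz != dz:  # traffic inside one zone needs no inter-zone channel
            conduits[(sz, dz)].add(port)
    return {pair: sorted(ports) for pair, ports in conduits.items()}

def flag_for_redesign(conduits, it_zone="corporate-it", ot_zones=OT_ZONES):
    """Return channels that link IT directly to OT or touch an unresolved asset."""
    flagged = []
    for (sz, dz), ports in conduits.items():
        direct = (sz == it_zone and dz in ot_zones) or (dz == it_zone and sz in ot_zones)
        unresolved = {sz, dz} & {"unknown", "unclassified"}
        if direct or unresolved:
            flagged.append((sz, dz, ports))
    return sorted(flagged)

if __name__ == "__main__":
    for channel in flag_for_redesign(derive_conduits(FLOWS, assign_zones(ASSETS))):
        print(channel)
```

The channels that are not flagged form the candidate list of required connections for the target architecture; the flagged ones go back to asset discovery or to channel design.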

Target Architecture Development

Based on the analyzed data, a target architecture for the segmented network is developed, along with a step-by-step method for transforming the current state into the target state.

Implementation

  • The network segmentation concept defined in the Target Architecture Development step should be implemented in the physical system.
  • After implementation, proper network segmentation must be maintained through periodic reviews and pentests.
