cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
funkychicken
Contributor I

Just finished segmenting an ICS network

Well here we go. A lot of companies in production have lots of IOT devices and custom services and applications which run on that environment. After pointing out the security risks to them I have now finished segmenting off the network with a few different firewalls from Palo Alto, Cisco and Fortinet. 

 

Some of the more critical services have been sectioned off onto their own private DMZ zones with only access for certain devices who have been authenticated on the network. This type of protection was needed due to prevent access into the network from unauthenticated devices. 

 

ICS devices, especially PLC's due to their 24/7 up-time requirement rarely get updated by some companies so it is imperative that the network is segmented.

1 Reply
Caute_cautim
Community Champion

@funkychickenThis increasingly applies to Medical Devices requiring FDA Level 1, 2 or 3 certification as well, which adopt a similar ICS or SCADA approach where the emphasis is on Integrity, Availability, Performance and Safety rather than the traditional Confidentiality, Integrity, Availability and Authentication.

 

In fact, the emphasis is on the engineering, Blockchain, and AI analysis rather than the holistic enterprise security architecture that we have used to dealing with - now we have a convergence with different needs.

 

Regards

 

Caute_Cautim