Post on 22-Sep-2020
Cyber-Secure uw productie – automatisering, koppel OT veilig aan IT en hak uw netwerk in stukken
René van der Meer
Automation Cybersecurity in GmbH
Cyber Attacks
Vertical - Horizontal Integration
State-of-the-Art Measures
• Secure Remote Access
• Data Diodes in Automation
• Automation Firewall
Today‘s Usecase
Remote Access
Data
Cyber Attack‘s Vector
Remote Access
Data
How to Secure your Factory
Remote Access
Data
OT Firewall
Remote Access
Data Diode
Secure Remote Access
Central Server
Remote AccessRouter
Service Computer
Factory
Recommendation‘s• Access Control
• 2-Factor Authentication
• Role-based Access Control (RBAC)
• Access Control to every IP and port
• Encrypted Connections (VPN)
• The on-site Operator can control the session
• Remote maintenance access session is displayed locally
• Log user actions
Remote Access : You are in control!
24VDC digital output to indicate a running remote access session Alternative:
24VDC digital inputto enable / disable remote access
Remote AccessRouter
Built-In Switch to enable / disable remote access
Data from Fieldbus to Cloud
Data Diode
Data & Remote combination
Security by Hardware
And more …
Data Diode
Security by Software
And more …
Data Diode
ContainerCloud
Application
Docker
ContainerFieldbus
Application
Software
Control
Automation Firewall
Factory
OT Network
Micro Network Segmentation Avoid address conflicts when
installing new machines
Protect machine components &
internal network
Isolate production islands &
control accesses
Protect Legacy Systems Protect old & unsecured
equipment
Improve the factory overall
cybersecurity level without
introducing structural changes
in the production network…
Configure OT Firewalls Manage Firewall‘s like you
manage PLC‘s
User Interface for Automation
User‘s
Self Learning Network Traffic
Reduced Functionality for OT Use
Cases
Vragen? We staan naast u of all of our
products