SANS 5 ICS Critical Controls for Electric: Control 2 - ICS Defensible Control System Network Architecture
Nearly 40% of ICS environment compromises come from the IT business network that allows a threat into the ICS environment. So, it’s more important than ever to focus on the ICS perimeter defenses first, followed closely by the additional required segmentation within the ICS network itself.
An ICS DMZ introduces additional layers of protection and is therefore a must-have. An ICS DMZ acts as a buffer between the internal industrial network and external entities such as corporate networks or the internet.
Network architecture can support effective network segmentation, visibility of control system traffic for analysis, detection of threats, log collection, asset identification, industrial control systems DMZ, and enforcement zones. Through the right architecture, you can improve safety and system integrity.
An ICS DMZ introduces additional layers of protection and is therefore a must-have. An ICS DMZ acts as a buffer between the internal industrial network and external entities such as corporate networks or the internet.
Network architecture can support effective network segmentation, visibility of control system traffic for analysis, detection of threats, log collection, asset identification, industrial control systems DMZ, and enforcement zones. Through the right architecture, you can improve safety and system integrity.
Watch All Parts in This Series:
