How to evaluate the industrial network security solution? - - - - - -

, June 12, 2017, the global WannaCry and ExPetr blackmail software attack to American and European utilities, manufacturers, telecom and the public transport system, which makes the network security experts and fully realize the network of criminals, operation technology ( OT) System than information technology ( 它) System become more vulnerable.

industrial network security technology provider Indegy chief technology officer at miller Mr. Gandur 'writing analysis network threats of industrial system, and puts forward prevention advice.

industrial threat form diversified

2018 industrial system is the biggest threat to blackmail software attacks, network attackers usually encryption key data, in order for ransom. And extortion software attack is not the only network risks to industrial control systems, terrorist organizations, national and industrial espionage attempts through various types of infiltration operation technology ( OT) System, in an attempt to profit by using data, stealing intellectual property rights ( Such as manufacturing blueprint or formula) , launch a denial of service, or destroy the factory.

in the manufacturing and industrial environment, network attack or unexpected interruption events such as the impact of worrying. For example, if the system integrators using outdated, inaccurate hardcopy assets spreadsheet on a wrong programmable logic controller ( PLC controller） On the plan ahead of change, will lead to big carmakers production line shut down more than 24 hours.

system appear accidental failures and malicious attacks of the attacker intentionally, is enough to cause attaches great importance to the manufacturing management, carefully consider when making choices, in order to protect the system against accidental or unauthorized changes to the operation.

OT security challenges of

for operating technology ( OT) Network security work lags far behind in the field of information technology ( 它) Areas, while companies are trying to chase, but still faces many challenges.

the biggest challenge is that the enterprise is not a comprehensive understanding of the need to protect all the ICS assets. If there is no automatic asset management software provides continuous updates, enterprise existing asset library may be outdated. Another challenge is that

ICS device does not necessarily has the security function. Many of the PLC controller, RTU, HMI, engineering workstations, OPC server are not considered in the design of security. In addition, the equipment of the designers in the planning and design to put IT on the Internet of things is not envisaged, IT also stems from a few years ago no one predicted, IT will eventually comes OT the phenomenon of fusion. Therefore, the enterprise shall eliminate the traditional concept of 'isolation', and to realize the seriousness of the security vulnerability and vulnerability to OT environment unprecedented challenges.

another tough challenge is, industrial system, the suspension of the high cost of running so fail to stop production or update firmware or repaired to solve the problem. OT equipment maintenance must be planned in advance and may need to spend a few months time to make the system off-line, to update and improve the safety of the equipment. At the same time, enterprises must maintain the status quo or through alternative to reduce risk.

in conclusion, fill the ICS network security gap is particularly important. For the United States national institute of standards and technology ( NIST） Released the key infrastructure to improve network security framework, provide guidance to protect the industrial control system and its environment.

how to evaluate the industrial network security solution?

in order to solve the manufacturing enterprise operating technology ( OT) In the environment safe visibility and control the blind spot problem, specially for this build technology are budding. When evaluating the industrial network security solutions, enterprise can consider the following important features:

automatic asset discovery and management: effective ICS security policy requires organizations to know exactly what it has assets, configuration, and related activities. This would require the use of automated asset discovery function for situational awareness and comprehensive knowledge of the asset management of assets and simplify continuous process. The functions include discovery and reporting of idle assets, and constantly update details assets, and through a lot of information to track all changes for backup and recovery.

monitoring network activity and detect abnormal/threat: use industrial network security policy to monitor the internal and external communication equipment and protocol, to detect security threats and exceptions. Integrity:

validation controller or physical connection to the equipment through the network method of detecting the change of the controller, such as configuration changes, code changes and to download firmware, this to prevent failure, interruption and/or physical damage is of crucial importance.

assessment of vulnerability and risk management: this involves performing routine vulnerability assessment on all control equipment, in order to identify the missing patches and configuration errors, and provide risk score for each device, to the safety of repair parts.

to detect and respond to events: to detect suspicious activity and in ICS network threat to generate real-time warning, including comprehensive review to track all ICS activities, historical information and retain controller, for backup and recovery support.

should be the function and organization in their use of IT security technology integration, such as security information and event management ( SIEM） Software. Industrial network security threat is no longer a 'theory', also is not alarmist. Factory owners and operators should deploy the right technology, and fully understand and manage operational technology ( OT) Environment, to ensure that the process, equipment and personnel safety.

Shenzhen Coolmay Technology Co., Ltd. shows how effective market design can encourage participation, reduce gaming, and aggregate information, in order to improve liquidity, efficiency, and equity in markets.
Shenzhen Coolmay Technology Co., Ltd. is one of leading programmable control systems plc manufacturers distributors. You can order , and accessories for your need. Meeting your business need is always our top priority. Any of your enquiry is warmly welcomed.
Individuals with varied technical skills use plc manufacturers in a wide range of applications.