Network Security for industry

Network security for industry according to cybersecurity recommendation IEC 62443

With the growing trend toward mobile and remote work, cyberattacks on businesses have increased by as much as

0 %
  • Welcome to network security with Zero Trust – from Siemens

White paper: Industrial Network Security Architecture

White paper

Our portfolio for security in industrial networks

SCALANCE S Industrial Security Appliances as a part of network security support the Defense in Depth industrial security concept

Industrial Security Appliances

SCALANCE S Industrial Security Appliances

The SCALANCE S Industrial Security Appliances as a part of network security support the “Defense in Depth” industrial security concept. They protect automation networks, and seamlessly connect to the security structures of the Office and IT world.

SCALANCE M industry routers enable secure remote access to facilities with integrated security functions (firewall and VPN)

Industrial Routers

SCALANCE M Industrial Routers

The SCALANCE M product range includes both wired and wireless routers. They enable secure remote access to facilities with integrated security functions (firewall and VPN) to protect against unauthorized access and also to protect data transmissions.

Security communication processors protect controllers with integrated firewall and VPN from data manipulation and espionage.

Security Communications Processors

Additional protection using security communications processors

Security communications processors use integrated firewalls (to monitor data flows) and VPNs to protect controllers against data manipulation and espionage.

Software solutions for secure remote access via VPN and to manage industrial networks.

Software for Secure Networks

Software products for various security requirements

Software solutions for secure remote access via VPN to plants and security components and to manage industrial networks.

SCALANCE LPE - the local processing engine – open to your ideas 

Local Data Processing

The local processing engine - secure with Zero Trust

SCALANCE LPE collects data directly at the process, pre-processes it, and makes it available to other systems. Possible applications range from predictive maintenance and anomaly detection to secure remote access to industrial networks, e.g. based on Zero Trust. 

Accessories like RJ45 connectors

Data Export and Accessories

More products and services for improved network security

The SCALANCE TAP104 unmanaged Industrial Ethernet Test Access Port for data traffic export as well as connectors to mechanically lock RJ45 ports and other accessories for SCALANCE S.

Defense in Depth

Secure communication in industrial networks

An approach that covers all levels simultaneously is essential to comprehensively protect industrial facilities both internally and externally – from operational to field level, from access control to copy protection. For this purpose, we use a strategy that provides defense throughout all levels: “Defense in Depth” is a comprehensive security concept based on plant security, network security, and system integrity. We are guided by the IEC 62443 standard, the leading standard for security in industrial automation.

Know how your network is protected

We want your network to be secure. Our solution for network security is part of the “Defense in Depth” industrial security concept, which means protecting automation networks against unauthorized access. The main task is to control all interfaces – for example between the office and plant networks – as well as remote maintenance access. To achieve this, we rely on firewalls and, if necessary, we establish a DMZ (demilitarized zone = security-shielded zone). For secure access to production networks, the “Defense in Depth” concept can be enriched by Zero Trust principles. This approach enables us to set up end-to-end, secure OT networks for you based on professional planning, design, and the implementation of available, high-performance network infrastructures.
 

In this video, you can see how flexible work can be combined with maximum network security.

Siemens expert on network security

Network security includes the protection of automation networks against unauthorized access by means of network access protection, network segmentation, and encrypted communication. Ricarda Koch explains how this works in practice.

Zero Trust

Why Zero Trust? Joint challenges

IT and OT – or just “connected devices”? No matter how you put it, the two worlds are converging. With the increasing demand for flexible and mobile working, remote collaboration has seen an additional push. OT systems, applications, and data are protected by strong “Defense in Depth” concepts. But how vulnerable are their assets and systems in the event of external access? This is where Zero Trust comes in – to protect production networks and assets from damage, misuse, and espionage.

The best way to trust is Zero Trust

SCALANCE LPE incorporates Zero Trust, a security principle known from IT networks. SCALANCE LPE with Zero Trust combines three goals that, for the first time, complement one another:

  • The strong protection of “Defense in Depth” cell protection
  • Secure access to production networks from external – for example, to enable flexible working from the office or mobile
  • Maximum availability and full real-time capability as required in production networks

How does it work? Joint responsibility

Zero Trust is a powerful principle now applied in “Defense in Depth” architectures. The entire network and all connected devices are generally considered untrusted.
 

Participating devices, users, and software resources need to be identified and authorized before getting access to systems and applications of the production network. Access is strictly limited to the current request.


To incorporate Zero Trust principles, SCALANCE LPE accommodates Private Access, a security solution from Zscaler Inc. Installing the solution as a Docker© container on the local processing engine SCALANCE LPE enables highly secure access to industrial automation environments.

Why Zero Trust?

Learn more about it!

References

SCALANCE S already in successful use

Discover how industrial enterprises around the world utilize the SCALANCE S portfolio to rigorously improve their network security.
Teaser Cybersecurity for Industry
Cybersecurity for Industry

Security information

In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions only form one element of such a concept. For more information about industrial security, please visit.

Additional information

Information and downloads

Want to know more about our products for improved network security? Download our information or find out about our portfolio – covering every stage from efficient planning to implementation.

The fastest way to the experts

Proposed solutions for your queries and direct access to our experts in Technical Support

Service offers

To remain competitive over the long term, companies in industry must ensure – and ideally increase – the availability and productivity of  machines and plants. As your partner, we offer a unique range of services and support based on our extensive technology and industry expertise.

Well trained for excellent handling

Receive standardized or individual expertise directly from the manufacturer – with training centers in more than 60 countries.

Professional support

Professional support for future-proof communications networks

First-class network components will not create a first-class industrial communications network on their own. A thorough understanding of network designs is at least as important. You get both when you deal with us and our certified Solution Partners. That’s where you benefit: our Professional Services for Industrial Networks give you professional help in developing your network solution – tailored to suit your specific requirements.

Benefit from our expertise in industrial networks

Professional Services