Networks as a security factor
Network security to protect industrial plants
Cybersecurity is the subject that should be on the agenda of every business right now. With “Defense in Depth” as a comprehensive protection strategy, Siemens provides answers in the form of defense throughout all levels based on the Industrial Security Standard IEC 62443. Part of the Industrial Security concept is network security to protect automation networks against unauthorized access. This includes checking all interfaces, like those between office and plant networks, or checking remote accesses to the Internet, and may be carried out using firewalls or, as appropriate, by creating a protected secure zone (a ‘demilitarized zone’ or DMZ). For secure remote access to production networks, the “Defense in Depth” concept can be enriched with Zero Trust principles. Based on professional planning, design, and the implementation of available, powerful network infrastructures, it is possible to create comprehensive yet secure OT networks.
Secure communication in industrial networksAn approach that covers all levels simultaneously is essential to comprehensively protect industrial facilities both internally and externally – from operational to field level, from access control to copy protection. This is why we use “Defense in Depth” as our comprehensive protective strategy aligned with the Industrial Security Standard IEC 62443, the leading standard for security in industrial automation.
Know how your network is protected
Experts calculate that 25 billion communications-capable machines will be networked as part of the Industrial Internet of Things in just a few years from now. This exponentially increases the attack surface and is accompanied by new network security requirements that ensure the continued protection of machines, plants, and expertise. Industrial Security is based on a multilayered concept – “Defense in Depth” – that gives your plant both all-round and in-depth protection. It starts with conventional building access and extends to the securing of sensitive areas by means of key cards. Network security includes the protection of automation networks against unauthorized accesses with network access protection, segmentation, and encrypted communication. System integrity protects your automation systems and control components against unauthorized accesses and meets special requirements such as know-how protection.
This perimeter-based network security can now be enriched by Zero Trust principles for secure access to production network systems and applications.
Why Zero Trust? Joint challengesIT and OT – or just “connected devices”? No matter how you put it, the two worlds are converging. With the increasing demand for flexible and mobile working, remote collaboration has seen an additional push. OT systems, applications, and data are well protected with strong “Defense in Depth” concepts – but how vulnerable are your values in the case of external access? Here, Zero Trust enters the stage to prevent production networks and assets from damage, misuse, and espionage.
The best way to trust is Zero Trust
SCALANCE LPE incorporates Zero Trust, a security principle known from IT networks. SCALANCE LPE with Zero Trust combines three goals that, for the first time, complement one another:
- The strong protection of “Defense in Depth” cell protection
- Secure access to production networks from external – for example, to enable flexible working from the office or mobile
- Maximum availability and full real-time capability as required in production networks
In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions only form one element of such a concept. For more information about industrial security, please visit.
Professional support for future-proof communications networks
First-class network components will not create a first-class industrial communications network on their own. A thorough understanding of network designs is at least as important. You get both when you deal with us and our certified Solution Partners. That’s where you benefit: our Professional Services for Industrial Networks give you professional help in developing your network solution – tailored to suit your specific requirements.