Network Security for industry
With the growing trend toward mobile and remote work, cyberattacks on businesses have increased by as much as
Welcome to network security with Zero Trust – from Siemens
Our portfolio for security in industrial networks
Secure communication in industrial networks
An approach that covers all levels simultaneously is essential to comprehensively protect industrial facilities both internally and externally – from operational to field level, from access control to copy protection. For this purpose, we use a strategy that provides defense throughout all levels: “Defense in Depth” is a comprehensive security concept based on plant security, network security, and system integrity. We are guided by the IEC 62443 standard, the leading standard for security in industrial automation.
Know how your network is protected
We want your network to be secure. Our solution for network security is part of the “Defense in Depth” industrial security concept, which means protecting automation networks against unauthorized access. The main task is to control all interfaces – for example between the office and plant networks – as well as remote maintenance access. To achieve this, we rely on firewalls and, if necessary, we establish a DMZ (demilitarized zone = security-shielded zone). For secure access to production networks, the “Defense in Depth” concept can be enriched by Zero Trust principles. This approach enables us to set up end-to-end, secure OT networks for you based on professional planning, design, and the implementation of available, high-performance network infrastructures.
In this video, you can see how flexible work can be combined with maximum network security.
Siemens expert on network security
Network security includes the protection of automation networks against unauthorized access by means of network access protection, network segmentation, and encrypted communication. Ricarda Koch explains how this works in practice.
Why Zero Trust? Joint challenges
IT and OT – or just “connected devices”? No matter how you put it, the two worlds are converging. With the increasing demand for flexible and mobile working, remote collaboration has seen an additional push. OT systems, applications, and data are protected by strong “Defense in Depth” concepts. But how vulnerable are their assets and systems in the event of external access? This is where Zero Trust comes in – to protect production networks and assets from damage, misuse, and espionage.
The best way to trust is Zero Trust
SCALANCE LPE incorporates Zero Trust, a security principle known from IT networks. SCALANCE LPE with Zero Trust combines three goals that, for the first time, complement one another:
- The strong protection of “Defense in Depth” cell protection
- Secure access externally to production networks – for example, to enable flexible working from the office, remotely or mobile
- Maximum availability and full real-time capability as required in production networks
How does it work? Joint responsibility
Zero Trust is a powerful principle now applied in “Defense in Depth” architectures. The entire network and all connected devices are generally considered untrusted.
Participating devices, users, and software resources need to be identified and authorized before getting access to systems and applications of the production network. Access is strictly limited to the current request.
To incorporate Zero Trust principles, SCALANCE LPE accommodates Private Access, a security solution from Zscaler Inc. Installing the solution as a Docker© container on the local processing engine, SCALANCE LPE, enables highly secure access to industrial automation environments.
In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions only form one element of such a concept. For more information about industrial security, please visit.
Professional support for future-proof communications networks
First-class network components will not create a first-class industrial communications network on their own. A thorough understanding of network designs is at least as important. You get both when you deal with us and our certified Solution Partners. That’s where you benefit: our Professional Services for Industrial Networks give you professional help in developing your network solution – tailored to suit your specific requirements.