Enviar búsqueda
Cargar
Routeco cyber security and secure remote access 1 01
•
2 recomendaciones
•
1,920 vistas
RoutecoMarketing
Seguir
Ingeniería
Denunciar
Compartir
Denunciar
Compartir
1 de 24
Descargar ahora
Descargar para leer sin conexión
Recomendados
What Every It Professional Should Know
What Every It Professional Should Know
dinobusalachi
IT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOs
Community Protection Forum
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Community Protection Forum
Securing SCADA
Securing SCADA
Jeffrey Wang , P.Eng
Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks
Industrial Control Cyber Security Europe 2015
Industrial Control Cyber Security Europe 2015
James Nesbitt
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas
TI Safe
Recomendados
What Every It Professional Should Know
What Every It Professional Should Know
dinobusalachi
IT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOs
Community Protection Forum
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Community Protection Forum
Securing SCADA
Securing SCADA
Jeffrey Wang , P.Eng
Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks
Industrial Control Cyber Security Europe 2015
Industrial Control Cyber Security Europe 2015
James Nesbitt
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas
TI Safe
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
Nozomi Networks
Should I Patch My ICS?
Should I Patch My ICS?
Digital Bond
Critical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh Belgi
ClubHack
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
Digital Bond
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing Framework
MarcoAfzali
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
IJECEIAES
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
PECB
Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security
Digital Bond
Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101
Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101
Priyanka Aash
ICS security
ICS security
Ahmed Shitta
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
Creekside Marketing Group, LLC
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS security
Chris Sistrunk
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
Patricia M Watson
The journey to ICS - Extended
The journey to ICS - Extended
Larry Vandenaweele
Nozomi networks-solution brief
Nozomi networks-solution brief
Nozomi Networks
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
Honeywell
SANS ICS Security Survey Report 2016
SANS ICS Security Survey Report 2016
Derek Harp
White paper scada (2)
White paper scada (2)
Ivan Carmona
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Ahmed Al Enizi
Cybersecurity for modern industrial systems
Cybersecurity for modern industrial systems
Itex Solutions
Network security - Defense in Depth
Network security - Defense in Depth
Dilum Bandara
Industrial Control System Cyber Security and the Employment of Industrial Fir...
Industrial Control System Cyber Security and the Employment of Industrial Fir...
Schneider Electric
Más contenido relacionado
La actualidad más candente
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
Nozomi Networks
Should I Patch My ICS?
Should I Patch My ICS?
Digital Bond
Critical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh Belgi
ClubHack
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
Digital Bond
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing Framework
MarcoAfzali
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
IJECEIAES
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
PECB
Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security
Digital Bond
Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101
Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101
Priyanka Aash
ICS security
ICS security
Ahmed Shitta
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
Creekside Marketing Group, LLC
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS security
Chris Sistrunk
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
Patricia M Watson
The journey to ICS - Extended
The journey to ICS - Extended
Larry Vandenaweele
Nozomi networks-solution brief
Nozomi networks-solution brief
Nozomi Networks
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
Honeywell
SANS ICS Security Survey Report 2016
SANS ICS Security Survey Report 2016
Derek Harp
White paper scada (2)
White paper scada (2)
Ivan Carmona
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Ahmed Al Enizi
Cybersecurity for modern industrial systems
Cybersecurity for modern industrial systems
Itex Solutions
La actualidad más candente
(20)
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
Should I Patch My ICS?
Should I Patch My ICS?
Critical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh Belgi
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing Framework
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security
Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101
Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101
ICS security
ICS security
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS security
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
The journey to ICS - Extended
The journey to ICS - Extended
Nozomi networks-solution brief
Nozomi networks-solution brief
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
SANS ICS Security Survey Report 2016
SANS ICS Security Survey Report 2016
White paper scada (2)
White paper scada (2)
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Cybersecurity for modern industrial systems
Cybersecurity for modern industrial systems
Destacado
Network security - Defense in Depth
Network security - Defense in Depth
Dilum Bandara
Industrial Control System Cyber Security and the Employment of Industrial Fir...
Industrial Control System Cyber Security and the Employment of Industrial Fir...
Schneider Electric
Summary Of Course Projects
Summary Of Course Projects
awan2008
Denodo Data Virtualization Platform: Scalability (session 3 from Architect to...
Denodo Data Virtualization Platform: Scalability (session 3 from Architect to...
Denodo
Denodo Data Virtualization Platform: Security (session 5 from Architect to Ar...
Denodo Data Virtualization Platform: Security (session 5 from Architect to Ar...
Denodo
Cyber Security in Manufacturing
Cyber Security in Manufacturing
CentraComm
Microsoft Cloud Services Architecture
Microsoft Cloud Services Architecture
David Chou
Proactive Defense: Understanding the 4 Main Threat Actor Types
Proactive Defense: Understanding the 4 Main Threat Actor Types
Recorded Future
Destacado
(8)
Network security - Defense in Depth
Network security - Defense in Depth
Industrial Control System Cyber Security and the Employment of Industrial Fir...
Industrial Control System Cyber Security and the Employment of Industrial Fir...
Summary Of Course Projects
Summary Of Course Projects
Denodo Data Virtualization Platform: Scalability (session 3 from Architect to...
Denodo Data Virtualization Platform: Scalability (session 3 from Architect to...
Denodo Data Virtualization Platform: Security (session 5 from Architect to Ar...
Denodo Data Virtualization Platform: Security (session 5 from Architect to Ar...
Cyber Security in Manufacturing
Cyber Security in Manufacturing
Microsoft Cloud Services Architecture
Microsoft Cloud Services Architecture
Proactive Defense: Understanding the 4 Main Threat Actor Types
Proactive Defense: Understanding the 4 Main Threat Actor Types
Similar a Routeco cyber security and secure remote access 1 01
BRKIOT-2108.pdf
BRKIOT-2108.pdf
JokaTek
AUTOMATING DATA FOR IIOT ASSET MANAGEMENT & CONTROL - A HOW TO FRAMEWORK
AUTOMATING DATA FOR IIOT ASSET MANAGEMENT & CONTROL - A HOW TO FRAMEWORK
Anastasia Govan Kuusk
SANGFOR NGAF FIREWALL SG TECHNICAL PVT LTD 03002019693
SANGFOR NGAF FIREWALL SG TECHNICAL PVT LTD 03002019693
Muhammad Adeel Kazim⭐⭐⭐⭐⭐
Discrete MFG IoT Factory of the Future
Discrete MFG IoT Factory of the Future
Mainstay
Cisco Prime infrastructure 3.0
Cisco Prime infrastructure 3.0
solarisyougood
Robust Cyber Security for Power Utilities
Robust Cyber Security for Power Utilities
Nir Cohen
Jvvnl 071108
Jvvnl 071108
amanmadhok
Fundamentals of ethernet ip osi and cip
Fundamentals of ethernet ip osi and cip
RoutecoMarketing
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
Microsoft Tech Community
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
Nur Shiqim Chok
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Canada
Unidirectional Network Architectures
Unidirectional Network Architectures
EnergySec
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
TI Safe
Unified industrial wireless networks (cisco)
Unified industrial wireless networks (cisco)
Luis Atencio
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...
Cisco Canada
Cloud networking workshop
Cloud networking workshop
Cisco Canada
Smart Networks for the Industrial Internet of Things
Smart Networks for the Industrial Internet of Things
Creekside Marketing Group, LLC
Manufacturing pov jeff green 2016 v2
Manufacturing pov jeff green 2016 v2
Jeff Green
如何用建構校園網絡迎接e-Learning時代v2.10
如何用建構校園網絡迎接e-Learning時代v2.10
eLearning Consortium 電子學習聯盟
Cisco Connect 2018 Thailand - Software defined access a transformational appr...
Cisco Connect 2018 Thailand - Software defined access a transformational appr...
NetworkCollaborators
Similar a Routeco cyber security and secure remote access 1 01
(20)
BRKIOT-2108.pdf
BRKIOT-2108.pdf
AUTOMATING DATA FOR IIOT ASSET MANAGEMENT & CONTROL - A HOW TO FRAMEWORK
AUTOMATING DATA FOR IIOT ASSET MANAGEMENT & CONTROL - A HOW TO FRAMEWORK
SANGFOR NGAF FIREWALL SG TECHNICAL PVT LTD 03002019693
SANGFOR NGAF FIREWALL SG TECHNICAL PVT LTD 03002019693
Discrete MFG IoT Factory of the Future
Discrete MFG IoT Factory of the Future
Cisco Prime infrastructure 3.0
Cisco Prime infrastructure 3.0
Robust Cyber Security for Power Utilities
Robust Cyber Security for Power Utilities
Jvvnl 071108
Jvvnl 071108
Fundamentals of ethernet ip osi and cip
Fundamentals of ethernet ip osi and cip
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Unidirectional Network Architectures
Unidirectional Network Architectures
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
Unified industrial wireless networks (cisco)
Unified industrial wireless networks (cisco)
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...
Cloud networking workshop
Cloud networking workshop
Smart Networks for the Industrial Internet of Things
Smart Networks for the Industrial Internet of Things
Manufacturing pov jeff green 2016 v2
Manufacturing pov jeff green 2016 v2
如何用建構校園網絡迎接e-Learning時代v2.10
如何用建構校園網絡迎接e-Learning時代v2.10
Cisco Connect 2018 Thailand - Software defined access a transformational appr...
Cisco Connect 2018 Thailand - Software defined access a transformational appr...
Más de RoutecoMarketing
The connected enterprise. Is your business ready?
The connected enterprise. Is your business ready?
RoutecoMarketing
Stratix 2015
Stratix 2015
RoutecoMarketing
Internet of things
Internet of things
RoutecoMarketing
Plantwide Benefits of EtherNet/IP Seminar Billingham 09.07.2014
Plantwide Benefits of EtherNet/IP Seminar Billingham 09.07.2014
RoutecoMarketing
EtherNet/IP Seminar Coventry 29.04.14
EtherNet/IP Seminar Coventry 29.04.14
RoutecoMarketing
Plantwide benefits of EtherNet IP Seminar
Plantwide benefits of EtherNet IP Seminar
RoutecoMarketing
Más de RoutecoMarketing
(6)
The connected enterprise. Is your business ready?
The connected enterprise. Is your business ready?
Stratix 2015
Stratix 2015
Internet of things
Internet of things
Plantwide Benefits of EtherNet/IP Seminar Billingham 09.07.2014
Plantwide Benefits of EtherNet/IP Seminar Billingham 09.07.2014
EtherNet/IP Seminar Coventry 29.04.14
EtherNet/IP Seminar Coventry 29.04.14
Plantwide benefits of EtherNet IP Seminar
Plantwide benefits of EtherNet IP Seminar
Último
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
jaanualu31
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
SCMS School of Architecture
kiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal load
hamedmustafa094
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
MuhammadAsimMuhammad6
Wadi Rum luxhotel lodge Analysis case study.pptx
Wadi Rum luxhotel lodge Analysis case study.pptx
NadaHaitham1
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
mphochane1998
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
KOUSTAV SARKAR
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
Neometrix_Engineering_Pvt_Ltd
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna Municipality
Morshed Ahmed Rahath
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
maisarahman1
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
JIT KUMAR GUPTA
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
JiananWang21
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptx
JuliansyahHarahap1
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
SCMS School of Architecture
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Kandungan 087776558899
Moment Distribution Method For Btech Civil
Moment Distribution Method For Btech Civil
VinayVitekari
AIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech students
vanyagupta248
PE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and properties
sarkmank1
School management system project Report.pdf
School management system project Report.pdf
Kamal Acharya
GEAR TRAIN- BASIC CONCEPTS AND WORKING PRINCIPLE
GEAR TRAIN- BASIC CONCEPTS AND WORKING PRINCIPLE
selvakumar948
Último
(20)
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
kiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal load
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Wadi Rum luxhotel lodge Analysis case study.pptx
Wadi Rum luxhotel lodge Analysis case study.pptx
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna Municipality
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Moment Distribution Method For Btech Civil
Moment Distribution Method For Btech Civil
AIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech students
PE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and properties
School management system project Report.pdf
School management system project Report.pdf
GEAR TRAIN- BASIC CONCEPTS AND WORKING PRINCIPLE
GEAR TRAIN- BASIC CONCEPTS AND WORKING PRINCIPLE
Routeco cyber security and secure remote access 1 01
1.
IACS Network Security
& Secure RemoteAccess Guy Denis gudenis@cisco.com Rockwell Automation Alliance Manager Europe www.cisco.com/go/security 11th Feb 2014
2.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 2 On Average, there is a ratio of 15:1 Industrial Devices to Enterprise within a manufacturing plant Industrial Devices Meter Sensor Machines Vehicles Robots HMII/O Controller/PLC Scanner Phone RFID Tag Enterprise Devices IP Phone PC Printers Servers “As manufacturers replace legacy network systems and look for areas to streamline on a common solution, ARC sees a tremendous opportunity for growth of EtherNet/IP applications,” according to Craig Resnick, Research Director, ARC Advisory Group 1 15
3.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 3 TheftUnintended employee action Natural or manmade disaster Unauthorized contractor actions Security patches Worms, viruses, malware Denial of serviceSabotage Unauthorized access Unauthorized employee action Potential Disruptions
4.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 4 Stuxnet – a wake up call…. breakdown of Stuxnet http://www.ted.com/talks/ralph_langner_cracking_stuxnet_a_21st_century_cyberweapon.html Ralph Langner German Control systems security consultant F-Secure wrap-up on Stuxnet http://www.youtube.com/watch?v=gFzadFI7sco
5.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 5
6.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 6 • Fragile TCP/IP Stacks – NMAP, Ping Sweep lockup • Little or no device level authentication • Poor network design – hubs, unmanaged switches • Windows based IA servers – patching, legacy OS • Unnecessary services running – FTP, HTTP • Open environment, no port security, no physical security of switch, Ethernet ports • Limited auditing and monitoring of access to IA devices • Unauthorised use of HMI, IA systems for browsing, music/movie downloads • Lack of IT expertise in IA networks, many blind spots
7.
Defense in DepthApproach
8.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 8 Real–Time Control Fast Convergence Traffic Segmentation and Management Ease of Use Site Operations and Control Multi-Service Networks Network and Security Management Routing Application and Data share Access Control Threat Protection Gbps Link for Failover Detection Firewall (Active) Firewall (Standby) SCADA Application and Services Servers Cisco ASA 5500 Cisco Catalyst Switch Network Services Cisco Catalyst 6500/4500 Cisco Cat. 3750X StackWise Switch Stack Patch Management, Terminal Services, Application Mirrors, AV Servers Cell/Area #1 (Redundant Star Topology) Drive Controller HMI Distributed I/O Controller DriveDrive HMI Distributed I/O HMI Cell/Area #2 (Ring Topology) Cell/Area #3 (Linear Topology) IE3000/3010/2000 Layer 2 Access Switch Controller Enterprise/IT Integration Collaboration Wireless Application Optimization Cell/Area Zone Levels 0–2 Layer 2 Access Manufacturing Zone Level 3 Distribution and Core Demilitarized Zone (DMZ) Firewalls Enterprise Network Levels 4–5 Web Apps DNS FTP Internet
9.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 9 • Physical Security – limit physical access to authorized personnel: areas, control panels, devices, cabling, and control room – escort and track visitors • Network Hardening – infrastructure framework – e.g. firewalls with intrusion detection and intrusion prevention systems (IDS/IPS), and integrated protection of networking equipment such as switches and routers • End-point Hardening – patch management, antivirus software as well as removal of unused applications, protocols, and services • Application Security – authentication, authorization, and audit software • Device Hardening – change management and restrictive access Defense in Depth Computer Device Physical Network Application
10.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 10 • Security is not a bolt-on component • Comprehensive Network Security Model for Defense-in-Depth • Industrial Security Policy • DMZ Implementation • Design Remote Partner Access Policy, with robust & secure implementation
11.
Secure NetworkArchitectures for Industrial
Control Systems
12.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 12 Panduit/RA Physical Layer Reference Architectures Design Guide PSL-DCPL PSL-DCJB
13.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 14 • All network traffic from either side of the DMZ terminates in the DMZ; network traffic does not directly traverse the DMZ • Application Data Mirror • No primary services are permanently housed in the DMZ • DMZ shall not permanently house data • No control traffic into the DMZ • Be prepared to “turn-off” access via the firewall No Direct Traffic Enterprise Security Zone Industrial Security Zone Disconnect Point Disconnect Point DMZReplicated Services
14.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 15 Level 5 Level 4 Level 3 Level 2 Level 1 Level 0 Terminal Services Patch Management AV Server Application Mirror Web Services Operations Application Server Enterprise Network Site Business Planning and Logistics NetworkE-Mail, Intranet, etc. SCADA App Server SCADA Directory Engineering Workstation Domain Controller SCADA Client Operator Interface SCADA Client Engineerin g Workstatio n Operato r Interfac e Batch Control Discrete Control Drive Control Continuou s Process Control Safety Control Sensors Drives Actuators Robots Enterprise Zone DMZ Process Control Domain Process Control Network Web E-Mail CIP Firewal l Firewall Site Manufacturing Operations and Control Area Supervisory Control Basic Control Process PurdueReferenceModel,ISA-95 IndustrialSecurityStandardISA-99
15.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 16 1.Firewall Services (Segmentation, Isolation) 2.Application Services (Behavior Enforcement, Application Intelligence and Awareness, Gateway Capabilities) 3.Logging and Historical Services (Traffic, Event histories) 4.Encryption and Data Integrity Services (remote access, and secure channels for data transfer) 5.IPS/IDS Services (deep packet inspection – Sourcefire and Wurldtech Industrial Signatures 1.Malware Detection and Filtering (deep packet and URL inspection
16.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 17 VPN VDI WSA IPS ASA-CX ASA ISE Level 5 Level 4 Level 3 Level 2 Level 1 Level 0 Level 3½ Enterprise Zone DMZ PCD / Manufacturing Zone PCN / Cell / Area Zone 1783-SR
17.
Secure Remote Access
18.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 19 Use Stratix 5900 (1783-SR) NOT this (or similar such item)
19.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 21 DefenseinDepth Securitytechnologiesapplied Authentication, Authorization and Accounting Access Control Lists (ACLs) Secure Browsing (HTTPS) Intrusion Protection and Detection Remote Terminal Session Application Security VLANs Remote Engineers and Partners Plant Floor Applications and Data
20.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 22 WAN Plant Engineer Skid Builder System Integrator Remote Site WAN Router Plant Site WAN Router • Stand-alone Remote Industrial Application Example: remote site Requirements Connection out from the Plant, direct access Little to no IT support, little to no alignment with Industrial Automation and Control System security standards Potential Solution IPSecVPN, DMVPN,FlexVPN – ASA5515 and/or STX5900 1783-SR/819 ISR IPSec X many
21.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 23 Cell/Area Zone #3 Cell/Area Zone #4 FactoryTalk Applications and Services Ring Topology Cell/Area Zone #1 Cell/Area Zone #2 Manufacturing Zone 8000 Managed Layer 2 Switch ETAP - Embedded Layer 2 Switch Ring Topology Enterprise Zone Enterprise Network 5700 Managed Layer 2 Switch Star Topology Embedded Layer 2 Switch Linear Topology Mobile User Lightweight AP (LWAP) AP as Workgroup Bridge (WGB) ERP, Email, Wide Area Network (WAN) 5100 802.11n – Dual Band Access point 8300 Managed Layer 3 Switch 5900 Industrial Services Router
22.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 24 Levels 0–2 Cell/Area Zones Demilitarized Zone (DMZ) Demilitarized Zone (DMZ) Enterprise Zone Levels 4 and 5 Manufacturing Zone Site Manufacturing Operations and Control Level 3 Internet Enterprise Zone Levels 4 and 5 Enterprise WAN Enterprise Data Center Gbps Link Failover Detection Firewall (Active) Firewall (Standby) Patch Management Terminal Services Application Mirror AV Server Cisco ASA 5500 Remote Access Server • RSLogix 5000 • FactoryTalk View Studio Catalyst 6500/4500 Remote Engineer or Partner Enterprise Connected Engineer Enterprise Edge Firewall HTTPS Cisco VPN Client Remote Desktop Protocol (RDP) Catalyst 3750 StackWise Switch Stack EtherNet/IP IPSECVPN SSLVPN FactoryTalk Application Servers • View • Historian • AssetCentre • Transaction Manager FactoryTalk Services Platform • Directory • Security/Audit Data Servers 1. Remote engineer or partner establishes VPN to corporate network; access is restricted to IP address of plant DMZ firewall 2. Portal on plant firewall enables access to IACS data, files and applications – Intrusion protection system (IPS) on plant firewall detects and protects against attacks from remote host 3. Firewall proxies a client session to remote access server 4. Access to applications on remote access server is restricted to specified plant floor IACS resources through IACS application security
23.
© 2013 Cisco
and/or its affiliates. All rights reserved. Cisco Confidential 25 1. Identify all connections to SCADA networks 2. Disconnect unnecessary connections to the SCADA network 3. Evaluate and strengthen the security of any remaining connections to the SCADA network 4. Harden SCADA networks by removing or disabling unnecessary services 5. Do not rely on proprietary protocols to protect your system 6. Implement the security features provided by device and system vendors 7. Establish strong controls over any medium that is used as a backdoor into the SCADA network 8. Implement internal and external intrusion detection systems and establish 24-hour-a-day incident monitoring 9. Perform technical audits of SCADA devices and networks, and any other connected networks, to identify security concerns 10. Conduct physical security surveys and assess all remote sites connected to the SCADA network to evaluate their security 11. Establish SCADA “Red Teams” to identify and evaluate possible attack scenarios 12. Clearly define cyber security roles, responsibilities, and authorities for managers, system administrators, and users 13. Document network architecture and identify systems that serve critical functions or contain sensitive information that require additional levels of protection 14. Establish a rigorous, ongoing risk management process 15. Establish a network protection strategy based on the principle of defense-in-depth 16. Clearly identify cyber security requirements 17. Establish effective configuration management processes 18. Conduct routine self-assessments 19. Establish system backups and disaster recovery plans 20. Senior organizational leadership should establish expectations for cyber security performance and hold individuals accountable for their performance 21. Establish policies and conduct training to minimize the likelihood that organizational personnel will inadvertently disclose sensitive information regarding SCADA system design, operations, or security controls 21 Steps to securing a SCADA network http://www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf
Descargar ahora