Building a Secure OT Network | SANS ICS Concepts
HTML-код
- Опубликовано: 5 июн 2024
- In this concept overview, we are joined by Don Brown Associate Director of Cyber Security at Verista. Don is here to discuss his experiences deploying a security OT network architectures. He walks us through a presentation that outlines his approach to achieving good zones and conduits to implement a reliable and secure operating environment.
If you enjoy this video, and the topics we cover in the SANS ICS concept overviews, be sure to like and subscribe to this channel. Leave a comment if you have a question about this topic or suggestions for future content.
Script by Don C. Weber (@cutaway), Certified SANS Instructor and Cutaway Security, LLC and Don Brown Associate Director of Cyber Security for Verista.
References
Don C Weber's Social Media:
Twitter: / cutaway
LinkedIn: / cutaway
Cutaway Security: / cutaway-security-llc
CutSec Twitter: / cutawaysecurity
Don Brown's Social Media:
Email: don.brown@verista.com
LinkedIn: / donfbrown
Verista's Social Media:
Website: verista.com/
Email Contact Page: verista.com/contact/
Twitter: / verista10
Instagram: / verista1020
LinkedIn: / veristasolutions
SANS ICS Training:
ICS410: ICS/SCADA Security Essentials - www.sans.org/cyber-security-c...
ICS418: ICS Security Essentials for Managers - www.sans.org/cyber-security-c...
ICS456: Essentials for NERC Critical Infrastructure Protection - www.sans.org/cyber-security-c...
ICS515: ICS Active Defense and Incident Response - www.sans.org/cyber-security-c...
ICS612: ICS Cybersecurity In-Depth - www.sans.org/cyber-security-c... 
Наука
Thank you for this video I am starting my first class in the IT realm and this video is helping me understand things much clearer.
Great, thanks
this is amazing! thank you very much!!
Don't think he spoke about this but would you split up zones, like manufacturing, into sub-zones (vlans) that were protected by its own VRF to control east/west threat proliferation? Or is there little worry about 1 PLC somehow infecting another manufacturer PLC and instead the worry is a compromised PLC can then reach up to the SCADA server and it can then shut down everything. Just trying to figure out how flat or segmented we should make our networks.
Very informative, and interesting! Thanks, and much appreciated! If I could suggest a similar session on risk assement/ tolerable risk (IEC 62443-3-2) for future vidoes?
Excellent info!
Good One, Practical One, Thanks for your time sir. where to get the PPT ?
Awesome video
Very informative
This is a good starting point but in fact conduits are just firewall rules and you may need to enhance the OOTB capabilities of NGFW with extra insights from the likes of Claroty or Nozomi to make the inspection (controls) more accurate and offer a more astute level of detail - even if your FW has OT specific capabilities to recognize the more common protocols like Modbus and Profinet...you may not understand the flows and the involved risk - In terms of compartmentalization - your mileage may vary - some orgs. just isolate part of OT locally (containment of endpoints close to industrial estate) - other more integrated flows may need to be contained in VRF's mapping to zones for transport to datacenter or cloud based IT systems (warehouse management systems or ERP systems) etc. So it's a set of guiding principles and best current practices..to be implemented with respect to snowflake like use cases...
Good talk!