30.2 C
New York
Friday, June 21, 2024

New security superpowers to help IT with OT security


It all starts here at Cisco Live! Getting a glimpse into new announcements that define the future of networking technology is exhilarating. We provide advanced networking and security solutions that are not only robust and secure but also integral to the success of Industry 4.0. As organizations leverage Industrial IoT, AI, and more and more data, the need for secure, high-performance networks has never been greater.

For long, organizations have relied on air gapped networks that were restricted to the physical space. Modern industrial processes need seamless connectivity to external networks and cloud applications. However, as organizations adopted more cloud services and became increasingly decentralized, the threat landscape has expanded and has become more intense. A single perimeter security approach used previously quickly proves to be ineffective. Taking industrial networks out of their silos to unlock new IT innovations in OT requires advanced industrial security capabilities to protect operations and maintain production uptime. In the Cisco 2024 State of Industrial Networking Customer Survey, 89% respondents described the importance of cybersecurity compliance in their operational networks as highly important. Point security solutions that organizations may deploy increase the cost and complexity of securing overall operations.

Modern industrial operations require a layered approach for comprehensive security. Because it connects all systems and devices, the network is in the best position to help protect operations. Cisco industrial networking acts as a fabric that helps build a converged architecture bringing simplicity, ease of deployment, and cost savings to help scale industrial security and protect operations.

Built-in advanced security for IT and OT with Catalyst Industrial Routers

Cisco Catalyst industrial routers offer a highly modular portfolio that provides not only the scalability and flexibility to connect the industrial network edge but also a host of security capabilities, including OT/ICS visibility with Cisco Cyber Vision, zero trust remote access with Cisco Secure Equipment Access, and next generation firewall (NGFW) features that enable consolidation of networking and security functions to securely connect critical industrial assets modern networks.

Cisco Industrial Routers with next-generation firewall

Our Catalyst industrial routers can become rugged next generation firewalls (NGFW) and pave the way for even more advanced cybersecurity features in industrial networks, such as integrating with a security service edge (SSE).

  • Firewall with application awareness and control: All Cisco industrial routers offer stateful firewall inspection with application recognition for creating localized security policies based on industrial protocols to limit traffic between assets.
  • Integrated intrusion detection and prevention system: When managed by Catalyst SD-WAN Manager, Cisco industrial routers offer more advanced capabilities such as an intrusion detection and prevention system (IDS/IPS) by using Cisco Snort powered by threat intelligence from Cisco Talos, the world’s largest threat detection network that works as an early-warning system that constantly updates with new threats and helps keep your infrastructure safe.
  • Advanced Malware Protection: Cisco Advanced Malware Protection (AMP) integrated into Cisco industrial routers equips the platform to provide protection and visibility from malware.
  • URL filtering: Use cases such as predictive maintenance or IoT applications often require connections to trusted cloud resources. URL filtering in the Cisco industrial routers enables security administrators to provide controlled access to trusted cloud resources by configuring domain-based or URL-based policies.

Security and WAN management go hand in hand

Consider the example of connecting a few hundred intersections across a region where IT and operations teams are tasked with configuring, and managing (including pushing policy and security updates) thousands of field assets. Manually configuring and maintaining security for large-scale WAN’s means that any configuration mistake is a security vulnerability. Our industrial customers can now deploy their distributed networks with ease using Catalyst SD-WAN Manager and unify security policies across all sites by centralizing policy definition. Catalyst SD-WAN Manager provides common unified management for onboarding, access, and security​ for IT and OT networks. In the Cisco 2024 State of Industrial Networking Customer Survey, 34 % respondents deemed that solutions designed for both types of networks would most accelerate IT and OT collaboration.

While we recommend deploying with a controller to harness the full capabilities of SD-WAN, if you wish to keep your routers in autonomous mode, you can still benefit from advanced cybersecurity features in Cisco Catalyst industrial routers, including next generation firewall capabilities and simplified OT network management by using automation and templates to secure, deploy and maintain your networks.

“We have deployed Cisco Catalyst SD-WAN Manager to securely control and manage connectivity at various distributed sites. SD-WAN’s auto VPN capabilities has saved us significant deployment time and data transport costs for customers. Additionally, the application aware routing capabilities allow our customers to load balance between FirstNet and other cellular networks, ensuring seamless, resilient access.”
–  Jeremy Sanders, Director of Emerging Technology and Development, C-Spire

New Catalyst Industrial Ethernet Switching innovations

Space is at a premium in many industrial settings such as roadside cabinets and inside robots. The Cisco Catalyst IE3100 Rugged Series industrial switches are ultra-compact designed to provide fast, secure connectivity in such confined, space-constrained settings. We are happy to announce addition of new switches in the Catalyst IE3100 series that can now supply PoE to connected assets as well. To help maintain uninterrupted operations, innovations in our PoE technology ensures continuous power supply even with low input voltage, and during switch restarts. Another addition to the Catalyst IE3100 features conformal coating to maximize product lifetime, and offer added protection against moisture, dust, and other contaminants.

Further, to enable remote workers manage and troubleshoot industrial assets, Catalyst IE3100 can host Cisco Secure Equipment Access gateway that provides a simple, scalable, and zero-trust secure access solution, avoiding the need for complex VPNs and cellular gateways. With these innovations, our customers can achieve smarter, more reliable, and more secure networks, optimizing their operations.

 “We rely on Cisco industrial solutions to secure our AGVs. As a leading manufacturer of Autonomous Guided Vehicles, as well as robotic and warehouse solutions for factories and distribution centers, it is our responsibility to ensure the safe operation of our products. By leveraging the hosted and built-in defense-in-depth security features of Cisco Industrial Ethernet switches, we gain the visibility, segmentation, and device authentication necessary to detect and contain malware before it can compromise the security and safety of our deployments.”
–  Fabio Oleari, Manager of OT Cybersecurity, E80 Group

We have so much valuable content we want to share with you at the event. Attend our Center Stage Talk, Technical Breakouts, Product and Strategy Overviews, Technical Seminars and other sessions that we have lined up for you. If you are at Cisco Live Vegas, come and find the Cisco Industrial IoT Team at the World of Solutions to experience live demos showcasing our latest portfolio. I look forward to seeing you there!

Share:

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles