When an intruder breaks into a part of your network and begins to look outwards, what does he see? Does he see your PLC and your operational technology, and your databases spread out before him like the world at his fingertips? If your network is micro-segmented with EdgeIPS, he won’t.
When the factory network is “flat”, or made up of just one zone, it’s very difficult to manage – and it’s very difficult to control network traffic! When you micro-segment your network, it becomes much easier. When suspicious behavior takes place within one of your zones, you know immediately. While network segmentation is fast becoming common, the superior protection that micro-segmentation offers is what’s necessary to gain superior ground against modern cyber threats.
The first step to keeping any intruder or malware in the dark and unable to move is a risk assessment that lists your assets and identifies attack surfaces. Risk assessments monitor the rising number of attack surfaces, which are skyrocketing as COVID-19 continues to force people to rely more and more on remote technology. After identifying your assets, you will group them based on which devices need to talk to each other, and deploy EdgeIPS at the gateway node for that zone.
Traditional network security makes use of a perimeter firewall, which leaves your IT-OT network laid out like a buffet table once the bad actor is inside. By breaking up your network into smaller “segments” with limited or “least” privilege, any hacker or malware that makes it through your perimeter defenses finds itself in a dark and ineffective situation.
By setting up EdgeIPS at your gateways, hackers and malware are unable to operate and easy to detect. Solutions like TXOne’s EdgeIPS limit your computers to using only the necessary pathways in your network while shining a light to show you who or what is in your IT-OT underbelly.