Sunday, May 19, 2024

Gain control over OT remote access with session monitoring, recording, and termination


Zero Trust Network Access (ZTNA) is a secure remote access service. It verifies remote users and grants them access to the right resources at the right times based on identity and context policies. This is part 3 in our blog series about ZTNA for operational technology (OT). Check out Part 1 for why ZTNA beats out always-on VPNs for OT remote access and Part 2 for how ZTNA reduces the attack surface by limiting access methods and verifying remote users' security posture.

Video cameras are everywhere, including in facilities with the strictest physical access controls. Even if you trust a person to enter a sensitive area, you still need to monitor their actions once they're in the door. If you see suspicious activity, you can step in to stop it. And if problems crop up after the visit, reviewing a recording can help pinpoint what went wrong.

Monitoring and recording activities are equally important when it comes to remote users accessing your OT networks. It's not enough to verify the identity of remote employees, vendors, and contractors. Nor is it enough to know who's connected to what OT/ICS assets. You also need to know what users are doing during remote access sessions. Most organizations lack that visibility today, a shortcoming for cybersecurity compliance, governance, the ability to stop and recover from breaches, and incident investigation.

Conveniently, Cisco Secure Equipment Access (SEA) gives you an all-in-one solution to grant remote access, enforce access controls, and monitor and record remote session activity. Here are three ways you can take advantage of Cisco SEA to actively control OT remote access.

1 – Monitor, join, and terminate active sessions

See a list of all active sessions on the Cisco SEA console. By clicking on the session between 'User A' and 'Asset B' you can watch session activities as they happen, including commands sent to the asset. Watching a vendor configure an OT/ICS asset can be helpful for training, for example. And if you see something suspicious, like an attempt to change the code or a variable in a programmable logic controller (PLC), you can terminate the session with a click and disconnect the remote user. Remote session termination is required by ISA/IEC62443-3-3 FR2.

2 – Maintain a complete log of past sessions

Cybersecurity best practices require maintaining a detailed history of all past sessions, useful for security audits, forensic investigations, and regulatory compliance. The EU's NIS2 Directive, for example, requires a full audit trail for every event that affects critical infrastructure, and OT security standards such as ISA/IEC62443-3-3 require records of all login attempts. Cisco SEA logs both system-generated and user-generated events. For example, review how remote users authenticate, including usernames, time, device posture, and session activities. Or see who added new users or new assets to the system.

3 – Record sessions to see what happened

Optionally record sessions for selected assets, simply by selecting the asset on the console and checking a box. Recordings enrich your audit trail and can be particularly helpful for troubleshooting. If an asset like a robotic arm, wind turbine, or highway sign stops working, for example, you might discover that a vendor recently upgraded the software or made a typo in a new configuration. Faster troubleshooting helps you put the asset back into production sooner.

Keep it simple, with an all-in-one solution for secure equipment access

Summing up, Cisco SEA gives you a single interface to protect your ICS and OT assets with ZTNA. Require all remote users to authenticate through a single point. Control which assets they can access and at what times. And do what a video camera does by monitoring all remote session activities and recording information for security audits.

Learn more about Cisco Secure Equipment Access here.
