Security by Design

New build is an opportunity to get things right - first time!

Think Security First

Don't Compromise

Your new automation network is an opportunity to deploy a robust, high speed, resilient network platform capable of supporting multiple autonomous applications, without compromise. It will become the lifeblood of your OT control and monitoring systems. Failing to include security aspects into the design of new infrastructure would be like providing power circuitry without an earth - to be avoided.

Network life cycle

The inclusion of operational awareness at the design stage of a new network takes a little thought but is can transform security from after thought to a central pillar. Designing an OT network to report on abnormal activity from the outset is not as hard as it sounds, Using standard features as sensors (SNMP/Syslog) and and a good log and event management system, relevant and time synchronized events, notifications and alerts can provide a great insight into how what is happening across a network. Additional sensors can be added, where needed, to look for more specific conditions or indicators of compromise. Any future deployment of more advanced SIEM (security information and event management) systems that apply logic and intelligence to the vast amounts of data generated by discrete devices (switches, routers, firewalls etc) will benefit from this initial monitoring strategy. Further IDS/IPS (intrusion detection and prevention systems) can be implemented to provide the tightest controls on network usage

Remote Support

With a highly secure and fully monitored site wide network, features such as controlled remote access can be provided to authorised maintainers to provide for more effective support without compromising any integrity.

SIEM, IDS & IPS

Alarms and alerts can be time synchronised and centrally collected, SYSLOG or advanced SIEM (security information and event management) systems can apply logic and intelligence to the vast amounts of data generated by discrete devices (switches, routers, firewalls etc). Further IDS/IPS (intrusion detection and prevention systems) can be implemented to provide the tightest controls on network usage.

Training

Operations staff can be trained to perform the L1 role that is typically expected of them with L2 support provided by either Customer day staff or remotely by IT4A.

Automation networks rely upon 5 key technology areas:

"I can honestly say that with IT4A working alongside us we assembled the right team managed to achieve all our goals successfully"

Nuclear Sector,
Project Manager