Network & Security Services (NSS) Because Infrastructure Matters
|
|
- Elijah Greer
- 8 years ago
- Views:
Transcription
1 Network & Security Services (NSS) Because Infrastructure Matters Andrew Ballard Commercial Director Services & Support - EMEA Rev 5058-CO900E
2 THE CONNECTED ENTERPRISE Headquarters Optimized for Rapid Value Creation Supply Chain Integration Collaborative, Demand Driven Compliant and Sustainable PRODUCTIVITY SUSTAINABILITY Smart Grid AGILITY Customers Supply Chain Distribution Center Copyright 2013 Rockwell Automation, Inc. All Rights Reserved. 2
3 BIG DATA and ANALYTICS DRIVERS: 39% Support collaboration 37% Fact-based decision 33% Better ways to serve customers Source: Aberdeen 2 Source: McKinsey & Company Exabytes Manufacturing generates more BIG DATA than any other sector. Real-Time Control in Manufacturing Produces Big Data Copyright 2013 Rockwell Automation, Inc. All Rights Reserved. 3
4 Copyright 2013 Rockwell Automation, Inc. All Rights Reserved.
5 TRANSFORMATION INTEGRATED CONTROL AND INFORMATION ENABLER Common Secure Ethernet Infrastructure Enterprise Infrastructure Automation Infrastructure One Common Environment CONVENTIONAL: SEPARATE IT & AUTOMATION FUTURE: UNIFIED INFRASTRUCTURE Copyright 2013 Rockwell Automation, Inc. All Rights Reserved. 5
6 Manufacturing and IT Convergence Creating challenges and opportunities Technology Convergence Business Innovation Model Business Model Innovation Business Agility Competitive Advantage Network Convergence Organizational Convergence Cultural Convergence Wide Ethernet Deployment Increasing Business Pressures Copyright 2010 Rockwell Automation, Inc. All rights reserved. Copyright 2013 Rockwell Automation, Inc. All Rights Reserved. 6
7 The Evolving, Persistent Security Threat Was the Internet ever designed to be secure? Was your plant-floor network ever really designed? (if not how can it be secure?) Thieves are breaking into networks around the world, companies large and small, governments, agencies and industrial control systems (ICS), are you secure? Technology that helped us grow is also a risk to keeping our company and our customers and partners confidential information safe. Traditional security controls are no longer enough We must respond to these fast growing cyber threats against us, our customers and eco-system partners. Copyright 2013 Rockwell Automation, Inc. All Rights Reserved. 7
8 Manufacturing Security Infographic Source : 2013 DBIR Sixty Two Percent took Months or Years to Discover of breaches took less than a day to execute 53% took months to Only 1 out of 10 were discovered by an internal resource Contain
9 The cost of Industrial Cyber Security* Cyber incidents cost US organizations (no published data for KSA): $558K in revenue losses $481K in brand damage $366K in compliance fines $174K in lost productivity DAY Incidents are costing US industry $6M per day or $20B per year. US industrial cybersecurity maturity is ~5 years ahead Europe & M-E. Companies that implement cybersecurity best practices see the ROI 2½ times less likely to experience a major cyber attack 3½ times less likely to experience unplanned downtime * Source: Belden Industrial Ethernet Infrastructure Design Seminar. Greg Hale, the Editor and Founder of ISSSource.com. October
10 Industrial Cyber Security Cyber Security is not a product. It is state of being. Cyber Security relies on many factors Ongoing collaboration of Customers and Vendors and End-users Use of Technical and Non-technical Security Controls Evolving Policies, Procedures, Practices and Technical controls Sustained and expanded investments that identify and mitigate operational risks to both the Industrial Control System and enterprise. The use of proven technologies, policies & procedures to RISK = Threat Vulnerability Consequence 10
11 4D Industrial Cyber Security People Processes Technology Facilities & Environment Protection of People, Property & Proprietary Information from unintended or malicious actions taken against it 11
12 Industrial Infrastructure Today s Plant Floor - Reality Our Experience Conventional Servers Large installed base of proprietary networks Protocol converters prevalent Limited plant-floor segmentation or security Single point of failure is common-place Insecure Remote Access solutions Limited Governance - lack of policies and procedures Large installed base of aging server infrastructure & legacy operating systems No process for patching or endpoint anti-virus protection with negative impact to production Server sprawl - more applications, growing business requirements, (one application/server) Lack of plant based on-site IT resource. Disparate Flat Networks
13 Industrial Infrastructure Common Customer Pain Points Inefficiency Vulnerability Inflexibility Fear of Lock-In Low Competency in Market (automation/it) Networks Evolved over Time (never designed) High MTTR (issue identification/resolution) High Capital Expense Security is After Thought Aging Industrial Control Systems Commonly Reported Business Disruptions Evolving Industrial Security Standards Project Dependence upon IT Organization Lack of Scalable Architectures Legacy Asset Islands Too Much Data, Lack of Actionable Information Heterogeneous Control Environments New Technologies (e.g. Big data, mobile, cloud) Rapidly Evolving Proprietary Network Protocols Rapidly Evolving Industrial IT Environment
14 RA Network & Security Services team: Life Cycle Approach to Services and Solutions ASSESS DESIGN IMPLEMENT VALIDATE MANAGE 14
15 Network and Security Services What we deliver! Agility Choice Reduced CapEx,OpEx and total cost of ownership Reduced Risk while Improving Overall Equipment Effectiveness (OEE) Reduced project dependence upon IT organization Long software lifecycle vs. short hardware lifecycle Network Scalability, Virtualization Economics, Reduction in Support Security without Sacrificing Productivity Bring new assets online in days vs. weeks Your Control System, Your Infrastructure
16 Why Rockwell Automation Network and Security Services (NSS) Differentiation Converged skill set of operational technology (OT) and information technology (IT) Experience across industrial control applications and networks Breadth of industry standard committee (ISA, NIST, INL, DHS ) participation Ability to address security risks without sacrificing productivity Full life cycle service offering with global delivery capability Network & Security Services For plant personnel, who need secure industrial infrastructure, NSS is a team of industrial automation and IT experts that assess, implement and support plant-wide network infrastructure. Unlike large IT vendors and resellers, we offer a comprehensive and tailored solution that balances both IT requirements and production goals of your company. Because Infrastructure Matters
17 Example Bio of Our Team Members Principal Network & Security Consultant, Network & Security Services CISSP (Certified Information Systems Security Professional) CISA (Certified Information Systems Auditor) ISO 27001:2005 Lead Auditor COBIT Foundation Certificate ITIL Foundation Certificate CCNP (CISCO Certified Networking Professional Security Certificate) CISCO IPS Specialist CISCO Firewall Specialist CISCO Information Security Specialist Additional Certs and Awards: CISCO SND: Securing Network Devices, CISCO SNRS: Securing Networks with Cisco Routers and Switches, CISCO SNPA: Securing Networks with PIX and ASA, CISCO CCNA: Certified Network Associate CISCO Systems Infrastructure and Ethical Hacking Instructor 5+ Years Industrial Control System Experience Network and Security Infrastructure Team Leadership and Project Management: o High Level Design/Low Level Design multi-sector: IACS and Critical Infrastructure, Data Centre, Internet Service Provider, Multi-Enterprise Sectors, Risk Management, Business Continuity & Disaster Recovery Planning, Incident Response (Government & multiple private sectors) Team Leader and Project Manager implementing and auditing ISO/IEC in multiple Government Units Team Leader implementing Secure Development Lifecycle in multiple Government Units SIEM (Security Information and Event Management) complex heterogeneous strategies & deployments across multiple public/private Sectors Offensive Penetration Tester and Security Assessments across multiple public/private Sectors Multi-Vendor deployment : CISCO, JUNIPER, Checkpoint, HP, Hirschmann, Fortinet, F5, ArcSight, Palo Alto Networks, Tipping Point, RSA, Bluecoat, etc. 17
18 Connected Enterprise Collaboration of Partners Rockwell Automation Cisco Panduit Microsoft VMWare Rockwell Automation and Partner Portfolio Automation & Process Control and Information Solutions Wireless, Security, Switching & Routing Physical Layer Network Infrastructure Operating Systems, Database / Cloud Infrastructure, & Application Security Data Center Virtualization
19 Our Services Support Standards; Converged Plant-wide Ethernet (CPwE) ERP, , Wide Area Network (WAN) Enterprise Zone Levels 4 and 5 Patch Management Remote Gateway Services Application Mirror AV Server FactoryTalk Application Servers View Historian AssetCentre, Transaction Manager FactoryTalk Services Platform Racks Catalyst Patching 6500/4500 Cable Management Copper/Fiber Directory Remote Catalyst 3750 Security/Audit Data Servers Access Server Gbps Link for Failover Detection Firewall (Active) Firewall (Standby) Cisco ASA 5500 StackWise Switch Stack Demilitarized Zone (DMZ) Plant Firewall: Inter-zone traffic segmentation ACLs, IPS and IDS VPN Services Portal and Terminal Server proxy Industrial Zone Site Operations and Control Level 3 Network Services DNS, DHCP, syslog server Network and security mgmt Industrial Data Center (IDC) NSS Services Security Services Cell/Area Zones Levels 0 2 Copper, Fiber, Wireless Testers Network Discovery Protocol Statistics Drive Controller HMI I/O Cell/Area Zone #1 Redundant Star Topology Flex Links Resiliency I/O Rockwell Automation Stratix 8000 Layer 2 Access Switch Controller I/O HMI Drive Cell/Area Zone #2 Ring Topology Resilient Ethernet Protocol (REP) Physical Logical Common Framework Toolsets HMI I/O Cell/Area Zone #3 Bus/Star Topology Controller Drive End Device Control Panel Network Zone 19
20 This image cannot currently be displayed. This image cannot currently be displayed. High Emphasis on Security Converged Plant-wide Ethernet Security Solutions Structured and Hardened IACS Network Infrastructure Industrial Data Center design & implementation Industrial security policy Pervasive security, not a bolt-on component Security framework utilizing defense-in-depth approach Industrial DMZ implementation Remote partner access policy, with robust & secure implementation Standard DMZ Design Best Practices Enterprise Zone Levels 4-5 Industrial Demilitarized Zone (IDMZ) Physical or Virtualized Servers Patch Management Remote Gateway Services Application Mirror AV Server AAA - Application Authentication Server, Active Directory (AD), AAA - Network Remote Access Server Level 3 Site Operations FactoryTalk Client Client Hardening Level 2 Area Supervisory Control Controller Hardening, Encrypted Communications VLANs, Segmenting Domains of Trust Unified Threat Management (UTM) Controller Hardening, Physical Security VLANs Controller Level 1 - Controller Catalyst 3750 StackWise Switch Stack Enterprise WAN Cisco ASA 5500 Firewall (Active) Network Status and Monitoring Catalyst 6500/4500 Controller Controllers, I/O, Drives Firewall (Standby) I/O HMI Level 0 - Process Plant Firewall: Inter-zone traffic segmentation ACLs, IPS and IDS VPN Services Portal and Terminal Server proxy Drive Network Device Resiliency Network Infrastructure Access Control and Hardening Physical Port Security MCC Soft Starter 20
21 Delivering Network Convergence What are the similarities and differences? 21
22 Plant-Floor and Enterprise Requirements Policies - Similarities and Differences Focus Precedence of Priorities Types of Data Traffic Access Control Implications of a Device Failure Threat Protection Upgrades Plant-Floor Network 24/7 Operations, High OEE Availability Integrity Confidentiality Converged Network of Data, Control, Information, Safety and Motion Strict Physical Access Simple Network Device Access Production is Down ($$ s/hour or Worse) Isolate Threat but Keep Operating Scheduled During Downtime Enterprise Network Protecting Intellectual Property and Company Assets Confidentiality Integrity Availability Converged Network of Data, Voice and Video Strict Network Authentication and Access Policies Work-around or Wait Shut Down Access to Detected Threat Automatically Pushed During Uptime 22
23 Network & Security Services: Life Cycle Approach to Services and Solutions ASSESS DESIGN IMPLEMENT VALIDATE MANAGE 23
24 Assessment Service Assessment Process: On site customer collaboration Assess all layers of OSI model Physical layer Logical layer Application layer Defense in Depth security evaluation Assess against industry and company standards Deliverables Detailed report of findings Prioritized critical issues Remediation's/suggestions Standard: on site observational and interview based Comprehensive: on site technically determined via tools ASSESS DESIGN IMPLEMENT VALIDATE MANAGE
25 Design Service Network Design Deliverable Package Functional Requirements Bill of Material Cable Selection Physical Hardware Connectivity Access and Distribution Layer Topology Physical Layer Drawings VLANs Addressing schema Switch and Network Configuration Redundancy Remote Access Security Standard: logical and physical conceptual design Comprehensive: detailed logical, physical with ports and protocols design ASSESS DESIGN IMPLEMENT VALIDATE MANAGE
26 Implementation Services Implementation Package Procurement Configuration Installation Testing Start Up Transition to Support Turn Key Projects: Based on RA Design Service Pre-Engineered Solutions: Industrial Data Center, Industrial De-Militarized Zone, Zone Enclosures, Secure Remote Access Custom: based on the role you need RA NSS to play (materials, labor, project mgmt) ASSESS DESIGN IMPLEMENT VALIDATE MANAGE The Power of Rockwell Automation Partnerships
27 Industrial Data Center Your Cost Effective Gateway to Virtualization Industry-leading partners collaborating with Rockwell Automation to help your business realize the benefits of virtualization through a pre-engineered, scalable infrastructure offering. Complete turn key solution including: Hardware Software Factory assembly On-site configuration Documentation TechConnect SM support Model Shown: E2000 Standard pre-engineered industrial solution to simplify deployment making commissioning and maintenance easier, scalable, and more supportable. 27
28 What is Virtualization? Traditionally the OS and its applications were tightly coupled to the hardware they were installed on Virtualization breaks the link between operating system and physical hardware This allows the ability to change hardware without replacing the OS or applications Additionally multiple instances of an OS with independent applications can now run on the same hardware Application Application Application Operating Hypervisor System
29 Server Consolidation Many physical servers - Under utilized - Requiring maintenance - Generating heat - Consuming energy Fewer physical servers More efficiently utilized Easier to maintenance Generating less heat Consuming less energy
30 IDC Supports Server Consolidation Supports more than 150 virtual machines Up to 3 Cisco C240M3 servers with 128GB RAM 2 - Cisco 3750X switches with 48 ports EMC VNXe 3150 storage with 10K SAS disks giving 9 TB usable storage Support VMware HA, FT and application redundancy Room to expand with 3 additional servers, additional RAM and 50 additional disk Room for in rack network equipment
31 Reliability: High Availability Automatic restart of failed virtual machines Resource Pool VMware ESXi VMware ESXi VMware ESXi Operating Server Operating Failed Server Operating Server
32 Reliability: VMware Fault Tolerance Simultaneous execution across two physical servers No Reboot Seamless Cutover VMware ESXi VMware ESXi VMware ESXi OperatingServer OperatingServer Failed OperatingServer
33 Increasing Uptime and Availability Local Site Failover Site vsphere vsphere vsphere vsphere vsphere Local Availability vsphere High Availability vsphere Fault Tolerance vmotion and Storage vmotion Disaster Recovery vcenter Site Recovery Manager Includes vsphere Replication Data Protection vsphere Data Recovery Storage APIs for Data Protection
34 Implementation Services The Power of Collaboration Implementation solutions typically include: Engineering Design from Rockwell Automation Servers and switches from Cisco Cables, patch cords, cable management, testing, validation, and assembly from Panduit Storage from EMC² Virtualization software from VMWare Hardware & Software Support from Rockwell Automation ASSESS DESIGN IMPLEMENT VALIDATE MANAGE 34
35 Validation Service Validation Deliverable Package Audit current architecture compared to governing body (ODVA, IEEE, ANSI, TIA, ISA-95) Audit security program compared to governing body (NERC CIP, ISA-99, NIST , NIST ) Services includes all networks Data Highway DeviceNet ControlNet Ethernet Fieldbus Standard: known industry standard Custom: customer specific standard ASSESS DESIGN IMPLEMENT VALIDATE MANAGE
36 Scalable Infrastructure Support TechConnect Managed Services Remote Support Services RA Tech Support has Certified personal on staff CCNP (Cisco Network Professional) CCNA (Cisco Network Associate) CCNA Security (Cisco Security) CCENT (Entry Network Technician) CCISP (Information Systems Security Professional) VMware Certified Associate VMware Certified Professional Infrastructure Administration Asset Health Monitoring One number to call for support Infrastructure TechConnect Secure Remote Access Value ASSESS DESIGN IMPLEMENT VALIDATE MANAGE 36
37 Complete Support Infrastructure Hardware and Software Applications Customer Rockwell will monitor and alarm Customer will own and manage Operating System Hypervisor Device Layer Network Layer Rockwell Automation Rockwell will monitor and manage the operating system, hypervisor, physical server stack including the rack, hosts, memory, storage area network (SAN), and uninterruptible power supply (UPS). Environment Customer Customer will be responsible for the physical space including maintaining proper ambient conditions, security and power
38 For additional information PlantPAx: O&G information: Download Process Safebook: Check out the Process demo on the show floor Request a PlantPax Demo: Join us at PSUG & AF:
39 Follow ROKAutomation on Facebook & Twitter. Connect with us on LinkedIn. Rev 5058-CO900F
Network & Security Services Rockwell Automation s Specialist team of Network & Security Specialists
Network & Security Services Rockwell Automation s Specialist team of Network & Security Specialists Sonny Kailola Customer Support & Maintenance (CSM) Rev 5058-CO900D Copyright 2015 Rockwell Automation,
More informationSecuring The Connected Enterprise
Securing The Connected Enterprise Pack Expo 2015 Las Vegas Chelsea An Business Development Lead, Network & Security PUBLIC Copyright 2015 Rockwell Automation, Inc. All Rights Reserved. 8 Connected Enterprise
More informationPR03. High Availability
PR03 High Availability Related Topics NI10 Ethernet/IP Best Practices NI15 Enterprise Data Collection Options NI16 Thin Client Overview Solution Area 4 (Process) Agenda Overview Controllers & I/O Software
More informationT46 - Integrated Architecture Tools for Securing Your Control System
T46 - Integrated Architecture Tools for Securing Your Control System PUBLIC PUBLIC - 5058-CO900G Copyright 2014 Rockwell Automation, Inc. All Rights Reserved. The Connected Enterprise PUBLIC Copyright
More informationEase Server Support With Pre-Configured Virtualization Systems
Ease Server Support With Pre-Configured Virtualization Systems Manufacturers and industrial production companies are increasingly challenged with supporting the complex server environments that host their
More informationSimplifying the Transition to Virtualization TS17
Simplifying the Transition to Virtualization TS17 Name Sandeep Redkar Title Manager Process Solutions Date 11 th February 2015 Agenda Overview & Drivers Virtualization for Production Rockwell Automation
More informationSecure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation
Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation Rev 5058-CO900C Agenda Control System Network Security Defence in Depth Secure Remote Access Examples
More informationVirtualization In Manufacturing Industries. Copyright 2012 Rockwell Automation, Inc. All rights reserved.
Virtualization In Manufacturing Industries Rev 5058-CO900C What is Virtualization? Traditionally the OS and its applications were tightly coupled to the hardware they were installed on Virtualization breaks
More informationAUP28 - Implementing Security and IP Protection
AUP28 - Implementing Security and IP Protection Features in the Integrated Architecture Mads Laier DK Commercial Engineer Logix & Networks Rev 5058-CO900E Agenda Why IACS Security Now! Defense in depth
More informationNetwork Security Trends & Fundamentals of Securing EtherNet/IP Networks
Network Security Trends & Fundamentals of Securing EtherNet/IP Networks Presented by Rockwell Automation Industrial Network Security Trends Security Quips "Good enough" security now, is better than "perfect"
More informationThe Internet of Things (IoT) and Industrial Networks. Guy Denis gudenis@cisco.com Rockwell Automation Alliance Manager Europe 2015
The Internet of Things (IoT) and Industrial Networks Guy Denis gudenis@cisco.com Rockwell Automation Alliance Manager Europe 2015 Increasingly Everything will be interconnected 50 Billion Smart Objects
More informationIndustrial Security Solutions
Industrial Security Solutions Building More Secure Environments From Enterprise to End Devices You have assets to protect. Control systems, networks and software can all help defend against security threats
More informationIndustrial Security in the Connected Enterprise
Industrial Security in the Connected Enterprise Presented by Rockwell Automation 2008 Cisco Systems, Inc. and Rockwell Automation, Inc. All rights reserved. THE CONNECTED ENTERPRISE Optimized for Rapid
More informationAUP28. Implementing Security In Integrated Architecture Practical security solutions for Industrial Control System (ICS)
AUP28 Implementing Security In Integrated Architecture Practical security solutions for Industrial Control System (ICS) Clive Barwise, Rockwell Automation European Product Manager Networks and Security
More informationREFERENCE ARCHITECTURES FOR MANUFACTURING
Synopsis Industry adoption of EtherNet/IP TM for control and information resulted in the wide deployment of standard Ethernet in manufacturing. This deployment acts as the technology enabler for the convergence
More informationSecuring the Connected Enterprise
Securing the Connected Enterprise ABID ALI, Network and Security Consultant. Why Infrastructure Matters Rapidly Growing Markets Global Network Infrastructure and Security Markets 13.7% CAGR over the next
More informationPlant-wide Network Infrastructure. Copyright 2012 Rockwell Automation, Inc. All rights reserved.
Plant-wide Network Infrastructure Agenda Additional On-site Information EtherNet/IP Considerations Logical Design Considerations Physical Layer Design Consideration Testing Considerations Plant-Floor and
More informationScalable Secure Remote Access Solutions
Scalable Secure Remote Access Solutions Jason Dely, CISSP Principal Security Consultant jdely@ra.rockwell.com Scott Friberg Solutions Architect Cisco Systems, Inc. sfriberg@cisco.com Jeffrey A. Shearer,
More informationPhysical Infrastructure for a Resilient Converged Plantwide Ethernet Architecture
Physical Infrastructure for a Resilient Converged Plantwide Ethernet Architecture Industrial Ethernet networking is advancing technology applications throughout the plant. These applications are rapidly
More informationChoosing the correct Time Synchronization Protocol and incorporating the 1756-TIME module into your Application
Choosing the correct Time Synchronization Protocol and incorporating the 1756-TIME module into your Application By: Josh Matson Various Time Synchronization Protocols From the earliest days of networked
More informationProduction Software Within Manufacturing Reference Architectures
Production Software Within Manufacturing Reference Architectures Synopsis Industry adoption of EtherNet/IP for control and information has driven the wide deployment of standard Ethernet for manufacturing
More informationManufacturing and the Internet of Everything
Manufacturing and the Internet of Everything Johan Arens, CISCO (joarens@cisco.com) Business relevance of the Internet of everything Manufacturing trends Business imperatives and outcomes A vision of the
More informationWhite Paper A Manufacturing Network Fabric Maturity Model
White Paper October 2015 WP-24 A Manufacturing Network Fabric Maturity Model Simplify planning for an IoT information enabled manufacturing environment Introduction The Internet of Things (IoT) is expected
More informationPlantPAx op weg naar Connected Enterprise.
AUP 46 PlantPAx op weg naar Connected Enterprise. Wim van der Heide Solution Architect Copyright 2015 Rockwell Automation, Inc. All rights reserved. 2 Agenda 1. Waarom zou u moeten migreren? 1. Connected
More informationNetwork & Security Services. Because Infrastructure Matters
Network & Security Services Because Infrastructure Matters Network & Security Services Manufacturing Convergence merging IT and manufacturing systems has created the need for coexistence and interoperability
More informationSecure Remote Support
Secure Remote Support - Monitor, Manage, Configure remote assets - Cloud Based Data Collection Tom Peshek Program Manager Remote Services and Support - 5058-CO900G Remote Monitoring and Diagnostics Value
More informationControlLogix and CompactLogix 5370 Segmentation Methods for Plant-wide/ Site-wide Networks with OEM Convergence-ready Solutions
Network Segmentation Methodology Application Guide ControlLogix and CompactLogix 5370 Segmentation Methods for Plant-wide/ Site-wide Networks with OEM Convergence-ready Solutions By Josh Matson and Gregory
More informationComputer System Security Updates
Why patch? If you have already deployed a network architecture, such as the one recommended by Rockwell Automation and Cisco in the Converged Plantwide Ethernet Design and Implementation Guide (http://www.ab.com/networks/architectures.html),
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationAre you prepared to be next? Invensys Cyber Security
Defense In Depth Are you prepared to be next? Invensys Cyber Security Sven Grone Critical Controls Solutions Consultant Presenting on behalf of Glen Bounds Global Modernization Consultant Agenda Cyber
More informationTF02 Virtualization in Manufacturing
TF02 Virtualization in Manufacturing PUBLIC INFORMATION Copyright 2014 Rockwell Automation, Inc. All Rights Reserved. 2 Agenda Overview Virtualization for Engineers Virtualization for Production Virtualization
More informationSecuring Manufacturing Computing and Controller Assets
Securing Manufacturing Computing and Controller Assets Rockwell Automation and Cisco Four Key Initiatives: Common Technology View: A single system architecture, using open, industry standard networking
More informationDesign Considerations for Securing Industrial Automation and Control System Networks
Design Considerations for Securing Industrial Automation and Control System Networks Synopsis Rockwell Automation and Cisco Four Key Initiatives: Common Technology View: A single system architecture, using
More informationGE Oil & Gas. Cyber Security for NERC CIP Versions 5 & 6 Compliance
GE Oil & Gas Cyber Security for NERC CIP Versions 5 & 6 Compliance Cyber Security for NERC CIP Versions 5 & 6 Compliance 2 Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security
More informationCyber Security for NERC CIP Version 5 Compliance
GE Measurement & Control Cyber Security for NERC CIP Version 5 Compliance imagination at work Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security Management Controls...
More informationSmart Data Center Solutions
Smart Data Center Solutions New Data Center Challenges Require New Solutions Data Center Architecture. Inside and Out. Data centers are mission-critical facilities. A silo-based approach to designing,
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationData Center Solutions
Data Center Solutions New Data Center Challenges Require New Solutions Data Center Architecture. Inside and Out. Data centers are mission-critical facilities. A silo-based approach to designing, deploying
More informationThe Production Cloud
The Production Cloud The cloud is not just for backup storage, development projects and other low-risk applications. In this document, we look at the characteristics of a public cloud environment that
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationHow Much Cyber Security is Enough?
How Much Cyber Security is Enough? Business Drivers of Cyber Security Common Challenges and Vulnerabilities Cyber Security Maturity Model Cyber Security Assessments September 30, 2010 Business in the Right
More informationPayment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
More informationScalable, Secure Remote Monitoring Solutions Stay a step ahead by remotely monitoring your critical assets
Scalable, Secure Remote Monitoring Solutions Stay a step ahead by remotely monitoring your critical assets PUBLIC PUBLIC - 5058-CO900G Why Is This Important? What s Driving This Need? Customer Impact It
More informationGE Measurement & Control. Cyber Security for NEI 08-09
GE Measurement & Control Cyber Security for NEI 08-09 Contents Cyber Security for NEI 08-09...3 Cyber Security Solution Support for NEI 08-09...3 1.0 Access Contols...4 2.0 Audit And Accountability...4
More informationVMware vcloud Networking and Security
VMware vcloud Networking and Security Efficient, Agile and Extensible Software-Defined Networks and Security BROCHURE Overview Organizations worldwide have gained significant efficiency and flexibility
More informationSecuring Manufacturing Control Networks. Alan J. Raveling, CISSP November 2 nd 5 th Pack Expo 2014
Securing Manufacturing Control Networks Alan J. Raveling, CISSP November 2 nd 5 th Pack Expo 2014 As Internet-enabled technologies such as cloud and mobility grow, the need to understand the potential
More informationDMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch
DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch What You Will Learn A demilitarized zone (DMZ) is a separate network located in the neutral zone between a private (inside)
More informationIP Telephony Management
IP Telephony Management How Cisco IT Manages Global IP Telephony A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge Design, implement, and maintain a highly available, reliable, and resilient
More informationIT Networking and Security
elearning Course Outlines IT Networking and Security powered by Calibrate elearning Course Outline CompTIA A+ 801: Fundamentals of Computer Hardware/Software www.medallionlearning.com Fundamentals of Computer
More informationIntroduction to VMware EVO: RAIL. White Paper
Introduction to VMware EVO: RAIL White Paper Table of Contents Introducing VMware EVO: RAIL.... 3 Hardware.................................................................... 4 Appliance...............................................................
More informationIACS Network Security and the Demilitarized Zone
CHAPTER 6 IACS Network Security and the Demilitarized Zone Overview This chapter focuses on network security for the IACS network protecting the systems, applications, infrastructure, and end-devices.
More informationINTRODUCTION TO VMWARE PRODUCT SUITE: VIRTUALIZATION SOLUTIONS
explore EXPO INTRODUCTION TO VMWARE PRODUCT SUITE: VIRTUALIZATION SOLUTIONS Jim Lass, Information Solutions Manager, Van Meter Inc. Jason Sinclair, IT Systems Engineer, Van Meter Inc. explore EXPO Agenda
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationREMOVING THE BARRIERS FOR DATA CENTRE AUTOMATION
REMOVING THE BARRIERS FOR DATA CENTRE AUTOMATION The modern data centre has ever-increasing demands for throughput and performance, and the security infrastructure required to protect and segment the network
More informationAUD20 - Industrial Network Security
AUD20 - Industrial Network Security Lesley Van Loo EMEA Senior Commercial engineer - Rockwell Automation Rev 5058-CO900B Copyright 2012 Rockwell Automation, Inc. All rights reserved. 2 Agenda Connected
More informationHow To Create An Intelligent Infrastructure Solution
SYSTIMAX Solutions Intelligent Infrastructure & Security Using an Internet Protocol Architecture for Security Applications White Paper July 2009 www.commscope.com Contents I. Intelligent Building Infrastructure
More informationSecuring the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC
Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service
More informationKey Considerations for Operationalizing the Connected Industrial Enterprise
Key Considerations for Operationalizing the Connected Industrial Enterprise Improving Competitiveness with Information: Insights from the Rockwell Automation Connected Enterprise Journey 2 Key Considerations
More informationPhysical Infrastructure Management Solutions
Physical Infrastructure Management Solutions Physical Infrastructure Challenges Require Innovative Solutions The Need for In-Depth Network Intelligence. With increased acceptance of virtualization, cloud
More informationNET ACCESS VOICE PRIVATE CLOUD
Page 0 2015 SOLUTION BRIEF NET ACCESS VOICE PRIVATE CLOUD A Cloud and Connectivity Solution for Hosted Voice Applications NET ACCESS LLC 9 Wing Drive Cedar Knolls, NJ 07927 www.nac.net Page 1 Table of
More informationNetwork Virtualization
. White Paper Network Services Virtualization What Is Network Virtualization? Business and IT leaders require a more responsive IT infrastructure that can help accelerate business initiatives and remove
More informationIndustrial Security for Process Automation
Industrial Security for Process Automation SPACe 2012 Siemens Process Automation Conference Why is Industrial Security so important? Industrial security is all about protecting automation systems and critical
More informationCA Cloud Overview Benefits of the Hyper-V Cloud
Benefits of the Hyper-V Cloud For more information, please contact: Email: sales@canadianwebhosting.com Ph: 888-821-7888 Canadian Web Hosting (www.canadianwebhosting.com) is an independent company, hereinafter
More informationT46 PlantPAx Physical Infrastructure: Virtualized Micro Data Center Case Study. November 08, 2012
T46 PlantPAx Physical Infrastructure: Virtualized Micro Data Center Case Study November 08, 2012 1. Why use virtualization in manufacturing? 2. PlantPAx virtualization 3. Physical Infrastructure: Best
More informationTABLE OF CONTENTS NETWORK SECURITY 2...1
Network Security 2 This document is the exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and exclusive use by instructors
More informationCONTROL LEVEL NETWORK RESILIENCY USING RING TOPOLOGIES. Joseph C. Lee, Product Manager Jessica Forguites, Product Specialist
CONTROL LEVEL NETWORK RESILIENCY Written by: Joseph C. Lee, Product Manager Jessica Forguites, Product Specialist DANGER 65 65 65 65 65 65 65 65 EtherNet/IP 1 3 4 5 6 LINK 1 LINK MOD NET 15 14 13 1 11
More informationINTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT
Utilities WHITE PAPER May 2013 INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT Table of Contents Introduction...3 Problem Statement...4 Solution Requirements...5 Components of an Integrated
More informationBuilding the Virtual Information Infrastructure
Technology Concepts and Business Considerations Abstract A virtual information infrastructure allows organizations to make the most of their data center environment by sharing computing, network, and storage
More informationVMware vsphere 4.1. Pricing, Packaging and Licensing Overview. E f f e c t i v e A u g u s t 1, 2 0 1 0 W H I T E P A P E R
VMware vsphere 4.1 Pricing, Packaging and Licensing Overview E f f e c t i v e A u g u s t 1, 2 0 1 0 W H I T E P A P E R Table of Contents Executive Summary...................................................
More informationBuilding a Reporting and Analytics System Connected Enterprise Seminar
Manufacturing Intelligence, de stuwende kracht om in een Connected Enterprise snel accurate beslissingen te nemen om de bedrijfsprestaties te optimaliseren. Building a Reporting and Analytics System Connected
More informationAlcatel-Lucent Services
SOLUTION DESCRIPTION Alcatel-Lucent Services Security Introduction Security is a sophisticated business and technical challenge, and it plays an important role in the success of any network, service or
More informationData Center Networking Designing Today s Data Center
Data Center Networking Designing Today s Data Center There is nothing more important than our customers. Data Center Networking Designing Today s Data Center Executive Summary Demand for application availability
More informationGE Measurement & Control. Cyber Security for Industrial Controls
GE Measurement & Control Cyber Security for Industrial Controls Contents Overview...3 Cyber Asset Protection (CAP) Software Update Subscription....4 SecurityST Solution Options...5 Centralized Account
More informationDecrease your HMI/SCADA risk
Decrease your HMI/SCADA risk Key steps to minimize unplanned downtime and protect your organization. Are you running your plant operations with serious risk? Most industrial applications lack recommended
More informationSecuring Process Control Systems
Securing Process Control Systems Bradford H. Hegrat, CISSP, CISM Sr. Principal Security Consultant Network & Security Services Rockwell Automation Process Solutions User Group (PSUG) November 14-15, 2011
More informationWhite Paper. Juniper Networks. Enabling Businesses to Deploy Virtualized Data Center Environments. Copyright 2013, Juniper Networks, Inc.
White Paper Juniper Networks Solutions for VMware NSX Enabling Businesses to Deploy Virtualized Data Center Environments Copyright 2013, Juniper Networks, Inc. 1 Table of Contents Executive Summary...3
More informationArchitecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud
Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP Principal Systems Engineer Security Specialist Agenda What is the Cloud? Virtualization Basics
More informationVMware vcloud Networking and Security Overview
VMware vcloud Networking and Security Overview Networks and Security for Virtualized Compute Environments WHITE PAPER Overview Organizations worldwide have gained significant efficiency and flexibility
More informationSecurity Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net
Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP belka@att.net Security Security is recognized as essential to protect vital processes and the systems that provide those
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationAL RAFEE ENTERPRISES Solutions & Expertise.
AL RAFEE ENTERPRISES Solutions & Expertise. Virtualization Al Rafee has strategically made substantial investment in building up a large end to end portfolio of Virtualization across the entire IT infrastructure
More informationAluminium Smelter Benefits from New Approach to Networking
Aluminium Smelter Benefits from New Approach to Networking Customer Case Study One of world s largest aluminium smelters uses Ethernet-to-the-Factory to improve manufacturing efficiency. EXECUTIVE SUMMARY
More informationVirtualization Essentials
Virtualization Essentials Table of Contents Introduction What is Virtualization?.... 3 How Does Virtualization Work?... 4 Chapter 1 Delivering Real Business Benefits.... 5 Reduced Complexity....5 Dramatically
More informationEMC Integrated Infrastructure for VMware
EMC Integrated Infrastructure for VMware Enabled by EMC Celerra NS-120 Reference Architecture EMC Global Solutions Centers EMC Corporation Corporate Headquarters Hopkinton MA 01748-9103 1.508.435.1000
More informationPivot3 Desktop Virtualization Appliances. vstac VDI Technology Overview
Pivot3 Desktop Virtualization Appliances vstac VDI Technology Overview February 2012 Pivot3 Desktop Virtualization Technology Overview Table of Contents Executive Summary... 3 The Pivot3 VDI Appliance...
More informationCYBER SECURITY Is your Industrial Control System prepared? Presenter: Warwick Black Security Architect SCADA & MES Schneider-Electric
CYBER SECURITY Is your Industrial Control System prepared? Presenter: Warwick Black Security Architect SCADA & MES Schneider-Electric Challenges What challenges are there for Cyber Security in Industrial
More informationInformation Technology Cluster
Network Systems Pathway Information Technology Cluster Assistant Network Technician -- This major prepares students to install, configure, operate, and connections to remote sites in a wide area network
More informationCisco Virtualization Experience Infrastructure: Secure the Virtual Desktop
White Paper Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop What You Will Learn Cisco Virtualization Experience Infrastructure (VXI) delivers a service-optimized desktop virtualization
More informationAchieving Secure, Remote Access to Plant-Floor Applications and Data
Achieving Secure, Remote Access to Plant-Floor Applications and Data Abstract To increase the flexibility and efficiency of production operations, manufacturers are adopting open networking standards for
More informationCisco Intercloud Fabric for Business
Data Sheet Cisco Intercloud Fabric for Business Combining the Benefits of Public and Private Clouds in a Hybrid Cloud Cisco Intercloud Fabric for Business enables enterprises to create a seamless hybrid
More informationUnlock the full potential of data centre virtualisation with micro-segmentation. Making software-defined security (SDS) work for your data centre
Unlock the full potential of data centre virtualisation with micro-segmentation Making software-defined security (SDS) work for your data centre Contents 1 Making software-defined security (SDS) work for
More informationCloud Optimize Your IT
Cloud Optimize Your IT Windows Server 2012 The information contained in this presentation relates to a pre-release product which may be substantially modified before it is commercially released. This pre-release
More informationProduct Overview. UNIFIED COMPUTING Managed Hosting Compute Data Sheet
Product Overview Interoute provide our clients with a diverse range of compute options delivered from our 10 carrier-class data centre facilities. Leveraging our extensive and diverse next generation IP
More informationReducing the Cost and Complexity of Business Continuity and Disaster Recovery for Email
Reducing the Cost and Complexity of Business Continuity and Disaster Recovery for Email Harnessing the Power of Virtualization with an Integrated Solution Based on VMware vsphere and VMware Zimbra WHITE
More informationHealth Care Solutions
Health Care Solutions Increase Service Levels, Meet Expectations A Unified Approach to Health Care Automation Processes Hospitals, clinics, extended care facilities, and physician s offices are facing
More informationUbuntu OpenStack on VMware vsphere: A reference architecture for deploying OpenStack while limiting changes to existing infrastructure
TECHNICAL WHITE PAPER Ubuntu OpenStack on VMware vsphere: A reference architecture for deploying OpenStack while limiting changes to existing infrastructure A collaboration between Canonical and VMware
More informationExpert Reference Series of White Papers. Visions of My Datacenter Virtualized
Expert Reference Series of White Papers Visions of My Datacenter Virtualized 1-800-COURSES www.globalknowledge.com Visions of My Datacenter Virtualized John A. Davis, VMware Certified Instructor (VCI),
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationSecurity Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions
Kevin Staggs, Honeywell Process Solutions Table of Contents Introduction...3 Nerc Standards and Implications...3 How to Meet the New Requirements...4 Protecting Your System...4 Cyber Security...5 A Sample
More informationSecurely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.
Securely Architecting the Internal Cloud Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Securely Building the Internal Cloud Virtualization is the Key How Virtualization Affects
More information