The Need to Be Innovative and Agile. Bridging the IT/OT Divide Using Software-defined Solutions


IT & OT Think & Behave Differently

IT View
- We run the network
- OT is the wild, wild west
- OT doesn't understand the security risks they can cause
- We need to put it into the plan
- I must keep on top of the latest tech to operate and protect our services
- My language is routers, switches, VLANs, TCP/IP, etc.

OT View
- We run the company
- IT doesn't respond to our needs
- IT doesn't get that customers won't be served if we can't respond
- I need it now
- I work on equipment that has 10, 20, 50 year life expectancies
- My language is SCADA, PLCs, Modbus, LonWorks, etc.

Here's the Challenge
- Network complexity has gotten out of control.
- Networks are under constant attack.
- Networks are highly prone to human errors.
- And networks are horribly expensive to operate.

Data Breaches Are Commonplace
- Data breaches are occurring with greater frequency: Target, Home Depot, JPMorgan Chase, Sears, etc.

Alarming Gap in Critical Infrastructure Security
- Cyber attacks on physical infrastructure such as water, gas, power, transportation, and manufacturing are growing too
- Espionage breaches growing faster than financial events
  Verizon Data Breach Investigations Report - 2014
- 70% of critical infrastructure organizations reported at least one breach in the past 12 months
  Unisys Research, July 2014

Industrial Networks Can Be Easy to Hack
What is secure today is unsecure tomorrow.
- http://www.shodanhq.com
- http://www.metasploit.com

WW III Likely to Happen Over the Internet
Russia accused of installing a cyber weapon on a U.S. firm's servers that stores military secrets. Oct 28, 2014

It Gets Even Worse
- Legacy applications need to be integrated.
- And 100B new IoT devices to be connected.

A Software-defined World Can Bridge IT/OT Divide

Software-defined Anything
- Software-defined datacenters
- Software-defined servers
- Software-defined storage
- Software-defined security
- Software-defined networks

Software-defined Defined
In a software-defined world:
- Infrastructure is abstracted from the underlying hardware, generally through virtualization or overlays
- Underlying resources are pooled
- Everything is managed via software (single pane of glass)

Why Software-defined Networking?
- Infinitely more flexible
- Independently improve software and hardware
- Leverage low-cost, commercial-off-the-shelf hardware
- Consolidate multiple, independent devices into software
- Simpler, more efficient, lower cost
- Capable of micro-segmentation

Business Needs
- Remote connectivity to gain visibility and improve efficiency
- Secure the industrial infrastructure
- Segregate accessibility from external & internal threats
- Improve business continuity, e.g. disaster recovery
- Gain access to devices for Big Data analytics

A Typical IT Network Architecture
[Diagram. Labels: Vendor Support, WAN, Remote user, Perimeter Network, E-Comm, Web Services, IDS, RAS, Modem, HMI, SCADA, BMS]

Agility & Innovation Via Software-defined
Software-defined Networks & Software Overlay Networks.

Software-defined Network
[Diagram, three layers. Labels:
 Application Layer: Business Applications, Datacenter Centricity
 Control Layer: SDN Software Controller, Network Services, APIs
 Control-Data Plane I/F
 Infrastructure Layer: Network Devices]

Virtual Network: Network Within a Network
[Diagram, three layers. Labels:
 Application Layer: Business Applications
 Virtualized Overlay Network Software Layer: Abstracted Network, Network Services, APIs
 Infrastructure Layer: Network Devices]

Virtual Network: Software-defined WAN
- Virtual network fully abstracted from physical network
- Software-based: creates networks within a network
- Micro-segmentation of the network
- Isolate ICS network from IT network
- Integrate legacy applications and devices
- Co-exist within IT security policies
- Adaptable to public, private and hybrid clouds

SDN/WAN & Overlays
- Simpler to provision & manage
- Cheaper to operate
- Lower cost bandwidth
- Faster performance
- Dynamic and automated configuration
- More secure
- Augment vs. rip & replace


IT/OT Example
Six consecutive slides show the same diagram under these titles:
1. IT/OT Example
2. Extending the IT Network
3. Creating a Software Overlay
4. Forming Node-to-Node Trusted Network
5. Forming a Tunnel on Top of the Overlay
6. Demonstration Architecture

[Diagram. Labels: Home Office; Distrix Office 129.168.1.190; demonstration 01.distrix.net; LoadBalanceNY; LoadBalanceSF; UDP 24444 (twice); PLC 10.202.0.52; Distrix Lab Demo; RS232; Distrix PhysSec Demo; M0; M1; Demo Laptop (last slide only)]

A Simple Demo

2014 Distrix Inc. All rights reserved