Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
Page 1Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Industrial Network Security
PCC Octoberfest │ 10/24/2019
Steve Pickhardt
usa.siemens.com/industrial-networksUnrestricted © Siemens 2019
Page 2Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
ICS CYBERSECURITY IS A MAJOR PRIORITY, BUT…
In 2018, Kaspersky Lab released the second annual
report “The State of Industrial Cybersecurity 2018,” a
publication based on a survey of 320 worldwide
professionals with decision-making power regarding ICS
cybersecurity.
Over three-quarters of the companies surveyed state that
it is very likely or at least quite likely they will become a
target of a cybersecurity attack in the ICS space, only
23% are compliant with minimal mandatory industry or
government guidance and regulations around
cybersecurity of industrial control systems.
Although more than half of the companies
(51%) said that they did not experience any
incident or breach in the past 12 months, the
question is whether or not they would even
have recognized it. Many companies do not
even detect or track attacks.
Moreover, since the companies surveyed have
only just started the digital transformation, it can
be said that their attack surface will increase as
they raise their level of digitalization.
2/27/19 article in Tripwire: Trends in Industrial Control Systems Cybersecurity
Page 3Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
A successful security strategy is multifaceted
People
TechnologyProcess
Page 4Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
A successful security strategy includes strong partners
Understands security challenges
& digitalization
Has vertical industry
know-how
Understands industrial
communication
Expertise withindustrial security
products and services
Has processes and products that are
proven and certified
In a fast-paced industry full of challenges and risk, it’s important to have a reliable, qualified and proven partner for Network Security!
Page 5Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Page 5
Page 6Unrestricted © Siemens 2019 All rights reserved. Paul NussPage 6
Cyber crime is wide spread and costs the global economy US$600 billion annually.1
Cyber attacks are impacting companies of all sizes, in all markets
1 McAfee
Stay secure in the
age of digitalization
Page 6
Page 7Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Challenges: Industrial Control Systems Incidents Response
In the ICS-CERT fiscal year (October 2013 until September 2014)
ICS-CERT analyzed 245 attacks to control systems in the USA.
Critical Manufacturing includes:
Transportation Equipment manuf. – e.g. Vehicles, Aerospace, Transit cars
Machinery manuf. - e.g. Engine and turbine, Power transmission equipment
Electrical Equipment, Appliance and Comp. manuf. – e.g. Electric motor
Primary Metals manuf. – e.g. Iron and steel mills, aluminum, nonferrous metal
Page 8Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Challenges: Industrial Control Systems Incidents Response
“Malware infections”“Unauthorized access and exploitation of Internet
facing ICS / SCADA devices”
In the ICS-CERT fiscal year (October 2013 until September 2014)
ICS-CERT analyzed 245 attacks to control systems in the USA.
Critical Manufacturing includes:
Transportation Equipment manuf. – e.g. Vehicles, Aerospace, Transit cars
Machinery manuf. - e.g. Engine and turbine, Power transmission equipment
Electrical Equipment, Appliance and Comp. manuf. – e.g. Electric motor
Primary Metals manuf. – e.g. Iron and steel mills, aluminum, nonferrous metal
“Network scanning and probing” “Lateral movement between network zones”
The scope of incidents included:
“Targeted spear-phishing”“Strategic website compromises”
Page 9Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Challenges: Real-World Cyberattacks
A leading supplier of aluminum products in North America and
European markets, Norsk Hydro, was hit by a
cyberattack in 2019. They were forced to shut down several
automated product lines. According to the report, "the impact
was widespread as several plants in the US and Europe were
stopped due to a lack of ability to connect to production
systems and customs data."1
In recent years, global leaders Merck (pharmaceuticals) and
Mondelez (Oreo, Ritz and other food brands producer)
experienced cyberattacks. Merck lost nearly $700M and
Mondelez over $100M in damages. In addition, they
encountered claim denials from Insurers.2 Sources:
1www.bloomberg.com, Nordic Metals Giant Restarts Some Systems
After Ransomware Attack, March 2019
2www.nytimes.com, Big Companies Thought Insurance Covered
a Cyberattack. They May Be Wrong, April 2019
3www.wsj.com, Russian Hackers Reach U.S. Utility Control Rooms,
Homeland Security Officials Say, July 2018
Critical infrastructure continues to be a target for hackers. A
long-running campaign recently put hackers “inside the control
rooms of U.S. electric utilities where they could have caused
blackouts". The strategic importance of critical infrastructure to
national security and a functioning society can lead to an
increase in the frequency and intensity of cyberattacks on those
facilities.3
These are just a few attacks that have been reported. There are
many other examples, some not reported as companies often
try to handle them discreetly.
Page 10Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Challenges
“The Internet of Things would be inconceivable without Cybersecurity.”
• Horizontal and
Vertical integration
• Open standards
• PC-based systems
Information technologies (IT) are
used in industrial automation and
became operational technologies (OT)
Increased security threats demand actions to avoid:
Loss of intellectual property
Plant standstill, e.g. due to viruses or malware
Sabotage in the production plant
Manipulation of data or application software
Unauthorized use of system functions
Compliance to standards and regulations is required
*https://new.siemens.com/global/en/company/innovation/pictures-of-the-future/cybersecurity.html
Page 11Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Challenges
Page 12Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Discrete Manufacturing
Oil & GasElectric Utilities
Process Manufacturing
Transportation
Page 13Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Discrete Manufacturing
Page 14Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Asset Protection
Physical access
protection
Company Data:
Employee, processes,
trade secrets, IP, software
Equipment, machines,
materials, robots, AGVs
Assets requiring protection
Equipment, machines, materials, e.g. robots, AGVs
Software, applications, production and process data
Employee and or customer personal data
Process documentation, programs, know how
Future plans, trade secrets, Intellectual Property (IP)
Production applications, process
documentation, know how
Personal safety
Page 15Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
The Industrial Security Concept from Siemens
Defense in Depth
Page 16Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Risk Management Methodology
Evaluation of current Security Status
• Analysis of threats and vulnerabilities
to identify, evaluate and classify risks
• Detailed Audit provided with security assessment
results to specific standards
Risk mitigation through implementation
of security measures
• Design and implement technical
security measures
• Develop and deploy security
relevant processes
• Enhance security awareness
Comprehensive security through
monitoring and pro-active protection
• Close security gaps with continuous
updates and backups
• Early adaption to changing threat
scenarios
Page 17Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
The Industrial Security Concept from Siemens
Defense in Depth
Page 18Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Network Security
“All the benefits of data-driven
decisions without the vulnerability
of exposing your network”
Industrial Networking Security Services
Industrial Networking Certification Training*
Secure IT / OT Collaboration
Secure OT & Automation Networking
Secure Remote Access
Asset Discovery & Management
Secure Access Management System
* Coming soon,
custom training
available now
Page 19Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Network Security
Siemens industrial network security protects against
vulnerabilities with proven solutions
✓ Network Security expertise
✓ Best-in-class security products and services
✓ Proven implementation and success
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Page 20Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Network Security: Use Case
The Project at a Glance…
➢ One of the world’s largest manufacturers and marketers of spirits, wine and beer
➢ Implemented a comprehensive Siemens network including network security measures
with assistance of Siemens networking Professional Services
➢ Newly expanded secure network connects 4,000 production-related devices including
1,500 SINAMIC G120 drives, SIMATIC S7 200, 300 and 400 PLCs, ET200SP remote I/O,
WinCC servers and HMIs
➢ Implemented a secure wireless network to support operation of 126 laser-guided vehicles
which communicate with the manufacturing execution system (MES)
➢ More than 200 switches
➢ Expanded plant capacity by 250% in 3 years
➢ After network expansion the Nava brewery has become the world’s largest of its kind with
an annual production capacity of nearly 27.5 million hectoliters
Page 21Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Network Security: Use Case
Partnered with Siemens Professional Services for network security and design
Segmented the automation network with VLAN and firewall: Scalance XC & S
Utilized a ring with High-speed Redundancy Protocol (HRP) to ensure network
availability
Implemented secure communication between operation network and the
Manufacturing Execution System (MES)
Implemented firewall and VPN with Scalance S for secure remote access
Utilized SINEMA Server software for network management providing full visibility
of the plants network, topology, monitoring and diagnostics – integrated into the
plants WinCC HMI/SCADA system and can issue warnings and error messages
via the OPC interface along with event logs for performance audits
Industrial Networking Security Services
Secure IT / OT Collaboration
Secure OT & Automation Networking
Secure Remote Access
Asset Discovery & Management
Network security measures implemented
Page 22Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security Implementation
Industrial Networking Security Services
Secure
Remote
Access
Secure Plant
/ PhysicalLayer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Page 23Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security Implementation
Industrial Networking Security Services
A vulnerability assessment is the first step to security
Siemens certified security experts:
✓ Conduct a network vulnerability scan with security software
✓ Perform an evaluation with interviews based on security standards
✓ Provide a detailed audit report with a prioritized implementation
plan based on established security standards
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Page 24Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security Implementation
Industrial Networking Security Services
Industrial Networking Security Services
Industrial Networking Certification Training*
Secure IT / OT Collaboration
Secure OT & Automation Networking
Secure Remote Access
Asset Discovery & Management
Secure Access Management
Offering Deliverable
On-Site Services & Support • Industrial Network Auditing:
• Provide a documented audit report to include:
• Existing network architectures
• Inventory of devices
• Benchmark tests results
• Recommended steps
Network Security
Assessments
• Discovery and analysis based on security stand.
• Vulnerability scan, assessments & reports
• Implementation plans
• Design, development and delivery of security
solutions
Design & Consulting • Network Design Services
• Site Survey
• RF Planning
Integration & Deployment • Pre-Configuration & Testing Services
• Implementation Services
Training Services • Certified Professional For Industrial Networks
• Certified Expert For Industrial Networks
• Customized Trainings
Page 25Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security Implementation
Industrial Networking Security Services
Industrial Networking Security Services
Industrial Networking Certification Training*
Secure IT / OT Collaboration
Secure OT & Automation Networking
Secure Remote Access
Asset Discovery & Management
Secure Access Management System
Page 26Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security Implementation
Industrial Networking Security Services
Examples of Siemens Industrial Network Security Assessments
Customer: U.S. Electric Utility Company
Assessment period: Two months
Methodology: The security assessment included interviews
with engineers, technicians, IT and management. The
security was evaluated for physical access. The network was
assessed with packet captures, logs, configuration files and
network scanning tools. Systems evaluated included
workstations, servers, switches, routers, firewalls, encryption
and cellular devices.
Deliverable: The assessment report (less than 100 pages)
provided a comprehensive analysis of the current security
posture and a prioritized list of recommendations.
Customer: U.S. Industrial Manufacturing Facility
Assessment period: One week
Methodology: A security assessment of network
documentation, passwords, architecture, switches, routers,
firewalls, encryption, computers, servers and other devices
was completed. Data communication was verified with
traffic analysis and network health information from all
devices was evaluated.
Deliverable: The near 50-page assessment report provided
network health results, traffic load of the network, a network
validation checklist, data communication results and
recommendations on future enhancements to further secure
the network and eliminate potential vulnerabilities.
Page 28Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Industrial Networking Security Certification Training
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure OT &
Automation Network
Secure Access
Management
* Coming soon,
custom training
available now
Page 29Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Industrial Networking Security Certification Training
Elevate your security knowledge and implement your
security strategy
✓ Learn about common security threats and how to prevent them
✓ Gain experience implementing security measures
✓ Hand-on exercises scanning networks for vulnerabilities
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure OT &
Automation Network
Secure Access
Management
* Coming soon,
custom training
available now
Page 30Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Network Security
Industrial Networking Security Services
Industrial Networking Certification Training*
Secure IT / OT Collaboration
Secure OT & Automation Networking
Secure Remote Access
Asset Discovery & Management
Secure Access Management System
• Strengthen security knowledge to implement a security strategy
• Learn about proven security concepts, tools, implementation,
encryption, firewall, Next Generation Firewall (NGFW)
• Gain hands-on experience…➢ Creating firewalls
➢ Scanning non-secure and secure networks
➢ Enabling secure protocols, disabling non-secure protocols
➢ Implementing secure availability with VRRP
➢ Setting up and testing NAPT
➢ Segmenting at network with VLAN and firewall
➢ Creating a protected WLAN
➢ Enabling password protection and access control
➢ & more…
* Coming soon,
custom training
available now
Page 31Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Page 32Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network
Protect the data that keeps your operation productive
✓ Siemens is a global leader in automation and industrial networking
✓ Secure your most valuable assets with proven experts and solutions
✓ Utilize proven security solutions focused on safety and uptime
✓ Prevent threats like network intrusion and manipulation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Page 33Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Protect the data that keeps your operation productive
✓ Risk mitigation by dividing an OT or automation network into different
protected segments or cells
✓ Allow only the connections and data needed to reach respective
segments with VLAN
✓ Implement secure protocols, availability and access control
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Page 34Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
SC646-2C
Secure OT &
Automation Network
Protect the data that keeps your operation productive
✓ Allow only data required for the operation to access specific network
segments with VLAN, Firewall, VPN, IPsec
✓ Protection with availability by using HRP / MRP, VRRPv3
✓ Secure protocols and NAT / NAPT
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Secure Access
Management
Page 35Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Protect the data that keeps your operation productive
✓ Allow only data required for the operation to access specific network
segments with VLAN, Firewall, VPN, IPsec
✓ Protection with availability by using HRP / MRP, VRRPv3
✓ Secure protocols and NAT / NAPT
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
SC646-2C
Secure Access
Management
Page 36Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
ManagementProtect the data that keeps your operation productive
✓ Cell 1 is segmented (VLAN) so only essential traffic will have access
✓ Availability is achieved with HRP / MRP
✓ Secure protocols and NAT are implemented for additional security
Page 37Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
Management
XC206-2SFP G
Protect the data that keeps your operation productive
✓ Cell 1 is segmented (VLAN) so only essential traffic will have access
✓ Availability is achieved with HRP / MRP
✓ Secure protocols and NAT are implemented for additional security
Page 38Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Protect the data that keeps your operation productive
✓ The Cell 1 VLAN segment has additional protection with a firewall,
VPN, IPsec
✓ Communication across the network for transparency is protected
✓ Availability protection with redundant VRRPv3, HRP / MRP
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
Management
XC206-2SFP G
SC646-2C
Page 39Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
Management
CP 1543-1
XC206-2SFP G
SC646-2C
Protect the data that keeps your operation productive
✓ The Cell 1 VLAN segment has additional protection with a firewall,
VPN, IPsec
✓ Communication across the network for transparency is protected
✓ Availability protection with redundant VRRPv3, HRP / MRP
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Page 40Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
Management
CP 1543-1
XC206-2SFP G
Protect the data that keeps your operation productive
✓ Allow only data required for the operation to access specific network
segments with VLAN, Firewall and VPN
✓ Protection with availability by using HRP / MRP
✓ Secure protocols and access control
Page 41Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Protect the data that keeps your operation productive
✓ Siemens is a global leader in automation and industrial networking
✓ Secure your most valuable assets with proven experts and solutions
✓ Utilize proven security solutions focused on safety and uptime
✓ Prevent threats like network intrusion and manipulation
Page 42Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
SC646-2C
Secure OT &
Automation Network
Protect the data that keeps your operation productive
✓ Allow only data required for the operation to access specific network
segments with VLAN, Firewall, VPN, IPsec
✓ Protection with availability by using HRP / MRP, VRRPv3
✓ Secure protocols and NAT / NAPT
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Page 43Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
ManagementProtect the data that keeps your operation productive
✓ Cell 2 allows only data required for the operation to access specific
segments of the network with VLAN
✓ Protection with availability by using HRP / MRP
✓ Secure protocols SSH / SSL, HTTPS
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Page 44Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Protect the data that keeps your operation productive
✓ Cell 2 allows only data required for the operation to access specific
segments of the network with VLAN
✓ Protection with availability by using HRP / MRP
✓ Secure protocols SSH / SSL, HTTPS
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
ManagementXP208
Page 45Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
ManagementXP208
SC646-2C
Protect the data that keeps your operation productive
✓ The Cell 2 VLAN segment has additional protection with a firewall,
VPN, IPsec
✓ Communication across the network for transparency is protected
✓ Availability protection with redundant VRRPv3, HRP / MRP
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Page 47Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Protect the data that keeps your operation productive
✓ Siemens is a global leader in automation and industrial networking
✓ Secure your most valuable assets with proven experts and solutions
✓ Utilize proven security solutions focused on safety and uptime
✓ Prevent threats like network intrusion and manipulation
Page 48Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
SC646-2C
Secure Access
Management
Protect the data that keeps your operation productive
✓ Allow only data required for the operation to access specific network
segments with VLAN, Firewall, VPN, IPsec
✓ Protection with availability by using HRP / MRP, VRRPv3
✓ Secure protocols and NAT / NAPT
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Secure OT &
Automation Network
Page 49Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
ManagementProtect the data that keeps your operation productive
✓ Cell 3 is utilizing wireless technology
✓ The network is kept secure with MAC based access control list
✓ Cipher encryption (AES) is implemented for additional security
✓ Access protection according to IEEE802.11i & radius (WPA2-PSK)
Page 50Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
ManagementProtect the data that keeps your operation productive
✓ Cell 3 is utilizing wireless technology
✓ The network is kept secure with MAC based access control list
✓ Cipher encryption (AES) is implemented for additional security
✓ Access protection according to IEEE802.11i & radius (WPA2-PSK)
Page 51Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Cell Segmentation
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
Management
SC646-2C
Protect the data that keeps your operation productive
✓ The Cell 3 VLAN segment has additional protection with a firewall,
VPN, IPsec
✓ Protection with availability by using HRP / MRP, VRRPv3
✓ Secure protocols and NAT / NAPT
Page 52Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network: Within the Automation Cell
Protection against:
➢ Theft of intellectual property
➢ Unauthorized modification
➢ Unauthorized access
➢ Manipulation
➢ Malware
➢ …
Bind to serial number of the CPU
Page 53Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure OT & Automation Network
Cell Protection: Firewall, VPN, IPsec,
access control, secure protocols, NAPT
Availability: HRP / MRP rings,
OSPF, RSTP, redundant firewall
Industrial Networking Security Services
Industrial Networking Certification Training*
Secure IT / OT Collaboration
Secure OT & Automation Networking
Secure Remote Access
Asset Discovery & Management
Secure Access Management SystemCell Segmentation: VLAN, Firewall
Page 66Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure IT / OT Collaboration
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Page 67Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure IT / OT Collaboration
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
ManagementProtect the data that keeps your operation productive
✓ Create a layer of security to protect your IT and OT networks from
external and internal threats
✓ Benefit from integrated operational and enterprise data to make the
best decisions while knowing your data is secure and only transparent
to you
Secure OT &
Automation Network
Secure Access
Management
Page 68Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure IT / OT Collaboration
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
ManagementProtect the data that keeps your operation productive
✓ Allow only data required for the operation to access the OT network
with NGFW, Intrusion Prevention System (IPS)
✓ Protection with availability by using HRP / MRP, VRRPv3, OSPF
✓ Secure protocols and NAT / NAPT
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Page 69Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure IT / OT Collaboration
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
ManagementProtect the data that keeps your operation productive
✓ Allow only data required for the operation to access the OT network
with NGFW, Intrusion Prevention System (IPS)
✓ Protection with availability by using HRP / MRP, VRRPv3, OSPF
✓ Secure protocols and NAT / NAPT
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
XR524-8C
APE 1808
NGFW w/ IPS
RX1500
Page 70Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure IT / OT Collaboration
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
Management
RX1500
APE w/ IDS
Protect the data that keeps your operation productive
✓ Allow only data required for the operation to access the OT network
with Firewall, Intrusion Detection System (IDS)
✓ Protection with availability by using HRP / MRP, VRRPv3, OSPF
✓ Secure protocols and NAT / NAPT
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Page 71Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure IT / OT Collaboration
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
Management
SC646-2C
XR524-8C
Protect the data that keeps your operation productive
✓ Allow only data required for the operation to access the OT network
with Firewall, VPN, IPsec
✓ Protection with availability by using HRP / MRP, VRRPv3, OSPF
✓ Secure protocols and NAT / NAPT
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Page 72Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure IT / OT Collaboration
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
Management
XM416-4C
SC646-2C
Protect the data that keeps your operation productive
✓ Allow only data required for the operation to access the OT network
with Firewall, VPN, IPsec
✓ Protection with availability by using HRP / MRP, VRRPv3
✓ Secure protocols and NAT / NAPT
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Page 73Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure IT / OT Collaboration
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
Management
RX1400
Protect the data that keeps your operation productive
✓ Allow only data required for the operation to access the OT network
with Firewall, VPN, IPsec
✓ Protection with availability by using HRP / MRP, VRRPv3, OSPF
✓ Secure protocols and NAT / NAPT
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
w/ IDS
Page 74Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure IT / OT Collaboration
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure OT &
Automation Network
Secure IT / OT
Collaboration
Asset Discovery &
Management
SC646-2C
Protect the data that keeps your operation productive
✓ Allow only data required for the operation to access the OT network
with Firewall, VPN, IPsec
✓ Protection with availability by using HRP / MRP, VRRPv3
✓ Secure protocols and NAT / NAPT
✓ Access control lists (e.g. MAC, password or RADIUS) and logging
Page 75Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
IDS
Network Security
Secure IT / OT Collaboration
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
SC646-2C
Industrial Networking Security Services
Industrial Networking Certification Training*
Secure IT / OT Collaboration
Secure OT & Automation Networking
Secure Remote Access
Asset Discovery & Management
Secure Access Management System
DMZ APE 1808 NGFW w/ IPS
Page 76Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
IDS
Network Security
Secure IT / OT Collaboration
Industrial Networking Security Services
Industrial Networking Certification Training*
Secure IT / OT Collaboration
Secure OT & Automation Networking
Secure Remote Access
Asset Discovery & Management
Secure Access Management System
APE 1808 NGFW w/ IPS
Coming soon!
Examples of Secure-NOK detectable anomalies
✓ Abnormal traffic patterns and volume
✓ New IP connections and removable media insertions
✓ Detection of changes in PLC memory blocks
✓ And plug-and-play installation with RUGGEDCOM APE
Secure-NOK Intrusion Detection System (IDS)
➢ Continuously monitors network traffic and endpoints
➢ Non-intrusive, anomaly based detection software
➢ Establishes a baseline of normal network behavior
➢ Detects anomalies in ICS and OT networks before
damage is done or limit the spread
➢ Provides early and actionable alerts
Available now
Page 77Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure IT / OT Collaboration
Solution Description
Intrusion Detection
System (IDS)
• Statistical & behavioral algorithms
• Non-intrusive, non-signature based
Deep Pack Inspection
(DPI)
• Deep packet inspection for protocol
specific commands
• (e.g. S7, 61850, Modbus, …)
Intrusion Prevention
System (IPS)
• Monitors traffic
• Drops malicious packets
• Blocks traffic from the source
address
• Resets connection
Next Generation Firewall
(NGFW)
• Application level detection &
protection (e.g. Malware
Monitoring)
• Integrated IDS/DPI functionalities
• Scalable management for multiple
security services and zones
OSI Reference Model
7 Application • Access to application (e.g. web browser)
6 Presentation • Type of data; HTTPS – encryption services
5 Session • Starts, ends and isolates sessions
4 Transport • Defines ports and reliability
3 Network • Logical or IP addressing, path determination
2 Data Link • Switches, MAC accessing
1 Physical • Cable, Network interface cards
10101010101010101010
10101010101010101010
10101010101010101010
10101010101010101010
10101010101010101010
10101010101010101010
Page 83Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure Remote Access
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Page 84Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure Remote Access
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Save time with remote connectivity by securely assessing
and troubleshooting your operation from a distance
✓ Utilize secure connectivity to enable transparency without sacrificing
productivity or security
✓ Cellular data plans and SIM cards available directly from Siemens
✓ IPSec, VPN encryption for secure remote access
Page 85Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure Remote Access
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Save time with remote connectivity by securely assessing
and troubleshooting your operation from a distance
✓ Utilize secure connectivity to enable transparency without sacrificing
productivity or security
✓ Cellular data plans and SIM cards available directly from Siemens
✓ IPSec, VPN encryption for secure remote access
Page 86Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure Remote Access
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Scalance M876-4
Save time with remote connectivity by securely assessing
and troubleshooting your operation from a distance
✓ Utilize secure connectivity to enable transparency without sacrificing
productivity or security
✓ Cellular data plans and SIM cards available directly from Siemens
✓ IPSec, VPN encryption for secure remote access
SINEMA Remote Connect
Page 87Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure Remote Access
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
SC646-2C
Save time with remote connectivity by securely assessing
and troubleshooting your operation from a distance
✓ Utilize secure connectivity to enable transparency without sacrificing
productivity or security
✓ Cellular data plans and SIM cards available directly from Siemens
✓ IPSec, VPN encryption for secure remote access
SINEMA Remote Connect
Page 88Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure Remote Access
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
RX1400
Save time with remote connectivity by securely assessing
and troubleshooting your operation from a distance
✓ Utilize secure connectivity to enable transparency without sacrificing
productivity or security
✓ Cellular data plans and SIM cards available directly from Siemens
✓ IPSec, VPN encryption for secure remote access
Page 89Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure Remote Access
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
CP 1543-1
Save time with remote connectivity by securely assessing
and troubleshooting your operation from a distance
✓ Utilize secure connectivity to enable transparency without sacrificing
productivity or security
✓ Cellular data plans and SIM cards available directly from Siemens
✓ IPSec, VPN encryption for secure remote access
SINEMA Remote Connect
Page 91Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure Remote Access
Industrial Networking Security Services
Industrial Networking Certification Training*
Secure IT / OT Collaboration
Secure OT & Automation Networking
Secure Remote Access
Asset Discovery & Management
Secure Access Management System
or
Scalance M876-4
SINEMA Remote Connect
Remote Access Management
SINEMA Remote Connect
Dedicated Device Access (DDA)
RUGGEDCOM CROSSBOW also is
an option for secure remote access
Save time with remote connectivity by securely assessing
and troubleshooting your operation from a distance
✓ Utilize secure connectivity to enable transparency without sacrificing
productivity or security
✓ Cellular data plans and SIM cards available directly from Siemens
✓ IPSec, VPN encryption for secure remote access
Page 101Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Asset Discovery & Management
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Page 102Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Asset Discovery & Management
Scan your network to identify assets and be alerted of any
device additions, topology changes or failed logon
✓ Authenticate users and manage access
✓ Create an inventory list and deploy mass firmware installations to keep
your devices equipped with the most up-to-date security defenses
✓ Prevent rogue access by monitoring your network
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Page 103Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Asset Discovery & Management
Industrial Networking Security Services
Industrial Networking Certification Training*
Secure IT / OT Collaboration
Secure OT & Automation Networking
Secure Remote Access
Asset Discovery & Management
Secure Access Management System
Centrally monitor, manage,
and configure networks with
50 to 12,500 devices around
the clock with SINEC NMS
RUGGEDCOM CROSSBOW also is
an option for secure access
management and station access
control compliant with many standards
SINEC NMS
Page 104Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure Access Management System
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Page 105Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure Access Management System
Layer 2/3
OT
Layer 2
OT
Layer 3
IT / OT
Enterprise
IT
Field
Devices
Secure
Remote
Access
Secure Plant
/ Physical
Secure IT / OT
Collaboration
Asset Discovery &
Management
Secure OT &
Automation Network
Secure Access
Management
Secure Access Management Systems offer remote
access and the next level of cybersecurity
✓ Integration with Active Directory, RSA SecurID and other enterprise
authentication solutions compliant with many security standards
✓ Individual user accounts with highly configurable permissions
✓ Ability to block commands on a per device type/per user basis
Page 106Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Network Security
Secure Access Management System
Industrial Networking Security Services
Industrial Networking Certification Training*
Secure IT / OT Collaboration
Secure OT & Automation Networking
Secure Remote Access
Asset Discovery & Management
Secure Access Management System
SINEC NMS also an option to centrally monitor, manage, and configure networks with 50 to 12,500 devices
RUGGEDCOM CROSSBOW
RUGGEDCOM CROSSBOW is a unique
cybersecurity system associated with:
◾ Secure Remote Access
◾ Asset condition monitoring
◾ Event response and investigation
◾ Maintenance (including vendors)
◾ Control, protection and telecommunications
engineering
Benefits
◾ Meets standards for cybersecurity
◾ Strong (2-factor) authentication
◾ Individual user accounts and privileges
◾ Audit log of activity
◾ WAN or dial-up access to remote devices
Security
◾ Integration with Active Directory, RSA SecurID and other
enterprise authentication solutions
◾ Individual user accounts with highly configurable permissions
◾ Audit log/reports of all activity
◾ Ability to block commands on a per device type/per user basis
◾ Role based user access control
◾ Local access control through either Station Access Controller or
the Secure Access Manager Local (SAM-L)
Page 108Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Security Certifications
• Development process
• Certification of “Secure Product
Development Lifecycle” for
Division DF and PD based on
IEC 62443-4-1
• TIA Ethernet based devices
• E.g. S7-1500, 1505S, S7-300,
CP343-1 SCALANCE S, …
• Protection against DoS
attacks
• Defined behavior in case of
attack
• Improved AvailabilityFind more information: https://www.siemens.com/global/en/home/company/topic-areas/future-of-manufacturing/industrial-
security/certification-standards.html
SIEMENS
Security by design
Security verification and
validation testing
Security update
management
Page 109Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
Network Security: More information available
Videos
White papers,
articles, brochures
Case studies
Website
Contact your local representative for
more information!
Page 112Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Siemens Industrial Security
A successful security strategy is multifaceted
People
TechnologyProcess
Page 113Unrestricted © Siemens 2019 All rights reserved. Paul Nuss
Thank you for your attention
Questions?
Steven Pickhardt
Industrial Networking Consultant
E-mail: [email protected]