Edge SDN is a network based on standard Software Defined Network switches and a Central Management Console to create Zero-Trust security for the resilience of Industrial networks in compliance with International Standards such as ISA/IEC 62443 and NIST 800.82.
Control at all times OT activities and the security level of any asset
Isolate hosts and segment traffic to prevent threats, malwares, and ransomwares
Inspect and control data stream to detect anomalies and to unveil an attack before it becomes a problem
Integrate Edge SDN nodes into your system to improve security without any major changes to your network
Give operators a one click control panel to change security profiles according to current operational conditions
Security should not be limited to isolated points such as firewalls or IDSs that inspect and deny access to traffic across different networks. Threats and vulnerabilities can be found everywhere. Each node must be involved in an effective security strategy. Security must be pervasive over the entire network.
Place Edge-SDN nodes anywhere where control and security are necessary
Most vulnerabilities come from edge devices, the exploit of a leak from a device can start a serious escalation of threats. To effectively protect assets and devices, running applications must be strictly isolated. This does not mean that the assets are on an isolated network but that they are isolated from the rest of the network.
Host isolation is the first line of devices and assets defence
The weakness of a network is proportional to its capacity to spread threats enhancing their attack magnitude. This is the result of a security strategy that leaves too much room for unauthorized or stray traffic. Network design is needed to allow communication only between well-known and authorized recipients, preventing any illegal or misused communication.
Micro-segmentation is the key to prevent unplanned traffic avoiding malicious activities
The IT department oversees planning and delivery of cyber security strategies but in everyday activities operators on the field are the ones who face problems and warnings and must react promptly. A simple interface containing single buttons is the right tool to help operators no matter the situation or conditions
Define your safety goals and let the OT operators achieve them daily
When an attack is about to begin there are usually a lot of revelatory signs, but it can be difficult to timely identify them before the problem occurs. Threats can be hidden anywhere. In every forwarding point a deep packet inspection coupled with a self-learning AI can detect and prevent threats.
Edge SDN node is equipped with an IDS to detect any anomalies as well as self-learning AI algorithms to verify potential risk
Power without control is meaningless. Control must be given to the right person at the right time in a way that can be used effortlessly. Every activity or change effecting security must be analysed, reported if needed, and logged to obtain a valuable analysis.
A central controlled security point to remotely check and assist OT activities
The main goal of Edge SDN is to prevent threats, while many other OT solutions are tailored just to detect malicious traffic once a threat has shown up. Therefore, the integration of Edge SDN nodes can enhance an already deployed security strategy.
Whatever your OT systems security strategy is, you can easily integrate one or more Edge SDN nodes to:
Isolate hosts and segment traffic to prevent threats, malwares and ransomwares
Inspect and control data stream to detect anomalies and to unveil an attack before it becomes a problem
Give operators a one click control panel to change security profiles according to current operational conditions
Control at any time OT activities and the security level of any asset
Integrate Edge SDN nodes into your system to improve security without any major changes
Adding prevention at the edge will improve your security strategy.