Zero Trust Network Access (ZTNA) is a secure remote access service. It verifies remote users and grants them access to the right resources at the right times based on identity and context policies. This is part 3 in our blog series about ZTNA for operational technology (OT). Check out Part 1 for why ZTNA beats out always-on VPNs for OT remote access and Part 2 for how ZTNA reduces the attack surface by restricting access methods and verifying remote users’ security posture.
Video cameras are everywhere, including in facilities with the strictest physical access controls. Even if you trust a person to enter a sensitive area, you still need to monitor their actions once they’re in the door. Seeing a suspicious activity, you can step in to stop it. And if problems crop up after the visit, reviewing a recording can help pinpoint what went wrong.
Monitoring and recording activities are equally important when it comes to remote users accessing your OT networks. It’s not enough to verify the identity of remote employees, vendors, and contractors. Nor is it enough to know who’s connected to what OT/ICS assets. You also need to know what users are doing during remote access sessions. Most organizations lack that visibility today, a shortcoming for cybersecurity compliance, governance, the ability to stop and recover from breaches, and incident investigation.
Conveniently, Cisco Secure Equipment Access (SEA) gives you an all-in-one solution to grant remote access, enforce access controls, and monitor and record remote session activity. Here are three ways you can take advantage of Cisco SEA to actively control OT remote access.
1 – Monitor, join, and terminate active sessions
See a list of all active sessions on the Cisco SEA console. By clicking on the session between ‘User A’ and ‘Asset B’ you can watch session activities as they happen, including commands sent to the asset. Watching a vendor configure an OT/ICS asset can be helpful for training, for example. And if you see something suspicious, like an attempt to change the code or a variable in a programmable logic controller (PLC), you can terminate the session with a click and disconnect the remote user. Remote session termination is required by ISA/IEC62443-3-3 FR2.
2 – Maintain a complete log of past sessions
Cybersecurity best practices require maintaining a detailed history of all past sessions, useful for security audits, forensic investigations, and regulatory compliance. The EU’s NIS2 Directive, for example, requires a full audit trail for every event that impacts critical infrastructure, and OT security standards such as ISA/IEC62443-3-3 require records of all login attempts. Cisco SEA logs both system-generated and user-generated events. For example, review how remote users authenticate, including usernames, time, device posture, and session activities. Or see who added new users or new assets to the system.
3 – Record sessions to see what happened
Optionally record sessions for selected assets, simply by selecting the asset on the console and checking a box. Recordings enrich your audit trail and can be particularly helpful for troubleshooting. If an asset like a robotic arm, wind turbine, or highway sign stops working, for example, you might discover that a vendor recently upgraded the software or made a typo in a new configuration. Faster troubleshooting helps you put the asset back into production sooner.
Keep it simple, with an all-in-one solution for secure equipment access
Summing up, Cisco SEA gives you a single interface to protect your ICS and OT assets with ZTNA. Require all remote users to authenticate via a single point. Control which assets they can access and at what times. And do what a video camera does by monitoring all remote session activities and recording data for security audits.
Learn more about Cisco Secure Equipment Access here.