Cisco UK & Ireland Blog

Let’s Talk Operational Technology (OT) Intent-Based Security

July 27, 2018

The Internet of Things (IoT) has become what Mufasa is to the Hyenas in The Lion King. It’s a name everyone knows but also fears – and let’s not even talk about deploying.

Yet in practice, IoT wants to help you connect everything you can possibly imagine and provide you with all the data you’ve ever wanted across your extended enterprise.

IoT is your friend: Don’t fear it

With the right infrastructure, IoT will save you time and money, which all in all means better TCO and better business strategies.

This blog focuses on OT Intent-Based Security, and how Cisco supports this. First of all, we need a few introductions, so please meet:

Most of you may have met before, but not together!

ISE and StealthWatch? I thought we were talking about OT

Yes, exactly. ISE and StealthWatch can perform the same amazing roles in your OT environment as they do in your IT environment.

How? They reach out to IND, which speaks industrial protocols (industrial languages such as Modbus and Profinet). IND can translate the network language in your OT environment into IT (Information Technology) language. Have a look at the picture below:

Your industrial endpoints, whether a robotic arm, a drone, a traffic light or an I/O, speak industrial protocols. This means IT can’t differentiate these endpoints, because they speak a different language. Due to these linguistic differences, we use IND as a translator between OT and IT.

IND understands most industrial protocols, can see which endpoints are connected to an Industrial Ethernet switch, and translates this for ISE and StealthWatch.

This means ISE and StealthWatch can see and understand the OT network in order to create policies and profiles, understand behaviour, create segmentation and remediate in your OT network.

Yes, you can extend those same capabilities to the OT

So if you ever thought “I wish I could”:

  • Securely segment and set policies in my OT Network
  • Have my engineers working remotely to solve technical issues
  • Immediately understand when a machine is not being itself
  • Merge my OT & IT Networks and departments

Now you know that you can. You can have access, control and visibility of your entire Network, OT & IT. This means a secure, compliant, agile and productive network that is ready for your IoT journey.

Watch the video below to see how it works.

Get more information on expanding IT’s reach to centrally secure IoT endpoints
