How do I get an overview of my IT infrastructure in networked production?
Industry observers often point out the differences between managing and securing traditional IT networks vs. OT networked production environments. For example, maintaining and patching production devices running 24/7 can be significantly more involved than deploying OS or app updates on users’ laptops.
However, what IT and OT managers have in common is a need for network visibility, i.e., seeing which devices are on the
network and understanding their specific management and security needs. Simply put, you can’t manage or secure what you
can’t see.
Network transparency sounds straightforward enough, but it’s harder than it sounds when it comes to OT networks. Fortunately, OT managers
have a growing range of strategies and solutions to get an overview of their production network infrastructure, including the OT Edition of the baramundi Management Suite (bMS).
The Industry 4.0 model suggests the following procedures:
Inventory: Where are assets available?
Scoping: Which of these are already recorded? Which must be recorded?
Responsibility: Who is responsible for the assets?
Asset Management: Who manages hardware, software, firmware?
Integration and Administration: Which interfaces exist? Which configurations have to be made?
The process begins with a thorough discovery and highly detailed inventory of all OT endpoints, then scoping -- or drilling into those results -- to
account for the unique characteristics of production network devices. OT networks often include a mix of production devices and industrial controllers
(ICs) that may be running specialized or older versions of Windows and other software.
During inventory/scoping it is important to think about all endpoints, including those that have yet to be documented. The work can be like a
history research project. ICs may be listed in one or more Excel files. Equipment managed by third parties may not be documented at all,
and you can only guess whether everything installed on the network over the last 30 years is even traceable. You need to be tenacious to ensure that nothing is overlooked.
While management responsibility is usually clearly defined in IT, OT is often the responsibility of multiple
stakeholders. Getting that sorted is critical, especially with the increase in cyberattacks on OT infrastructure. Many important issues are left undone simply because
responsibilities are unclear. It must therefore be decided who has the lead in OT and how the tension between safety, productivity and security will be
managed.
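The inventory, scoping and responsibility questions above can be turned into a simple reconciliation check. The following is an added example, not baramundi code and not part of the bMS: it merges several spreadsheet exports, compares them with a discovery result, and lists endpoints that are undocumented, documented but not seen, without an owner, or claimed by more than one owner. The column names, function names and all sample data are constructed assumptions.

```python
import csv
import io
import re

# Constructed sample data: two spreadsheet exports saved as CSV, plus the
# MAC addresses returned by a discovery scan. None of it is real.
SHEET_A = "mac,name,owner\n02-00-00-AA-00-01,PLC line 1,Production\n02:00:00:aa:00:02,HMI line 1,\n"
SHEET_B = "mac,name,owner\n0200.00AA.0001,PLC line 1,IT\n02:00:00:AA:00:09,Old press controller,Maintenance\n"
DISCOVERED = ["02:00:00:aa:00:01", "02:00:00:aa:00:02", "02:00:00:aa:00:03"]

def norm_mac(raw):
    """Normalize dash, colon or dotted MAC notation to aa:bb:cc:dd:ee:ff."""
    digits = re.sub(r"[^0-9a-fA-F]", "", raw).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def load_records(*sheets):
    """Merge all sheets into {mac: set of owners}; blank owner cells add nothing."""
    owners = {}
    for text in sheets:
        for row in csv.DictReader(io.StringIO(text)):
            entry = owners.setdefault(norm_mac(row["mac"]), set())
            if row["owner"].strip():
                entry.add(row["owner"].strip())
    return owners

def reconcile(discovered, owners):
    """Answer the scoping and responsibility questions for each endpoint."""
    seen = {norm_mac(m) for m in discovered}
    documented = set(owners)
    return {
        "undocumented": sorted(seen - documented),         # must be recorded
        "documented_not_seen": sorted(documented - seen),  # stale, offline or moved
        "no_owner": sorted(m for m, o in owners.items() if not o),
        "conflicting_owner": sorted(m for m, o in owners.items() if len(o) > 1),
    }

if __name__ == "__main__":
    report = reconcile(DISCOVERED, load_records(SHEET_A, SHEET_B))
    for category, macs in report.items():
        print(f"{category}: {macs}")
```

Normalizing the address notation before comparing matters because the same controller often appears in different formats across files, which would otherwise hide ownership conflicts.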
All of that relies on network visibility and getting an overview of the OT environment similar to how IT managers can see exactly what’s
on their networks. The bMS is available for both environments to provide centralized,
consistent visibility and management of network endpoints.
Currently available in German-speaking markets, the bMS OT Edition combines our 20+ years of experience in unified endpoint management for IT with the
OT resources and expertise of our parent company, the Wittenstein manufacturing group.