Deprecated: Function eregi() is deprecated in /home/h101150-2/siemens71.ru/docs/new/cat.php on line 184
Protection of industrial networks with Industrial Security
Modern automation technology is based on communication and the trend toward increased networking of individual manufacturing islands. It is becoming more and more important to integrate all the manufacturing components into a uniform network that merges with the office network/corporate intranet and provides remote access options for service purposes. In this way, industrial communication interacts more and more with the IT environment and is now subjected to the same dangers that are well-known from the office and IT environment, such as hackers, viruses, worms and Trojans.
Different measures have to be taken to increase the security of industrial automation systems to specific levels. These range from the company organization and its guidelines regarding protective measures for PC and control systems through to protection of automation cells by segmenting the network. Siemens follows the cell protection concept and offers, with the SCALANCE S security modules as well as the communications processors (CPs) with integrated security functions (Security Integrated), components for setting up protected cells. With the cell protection concept, a plant network is subdivided into protected automation cells within which all devices are able to communicate with each other securely. The individual cells are connected to the overall network protected by a VPN and firewall.
Advantages of the cell protection concept:
- Protection from espionage and data manipulation
- Protection against overloading of the communication system
- Protection against mutual interference
- Protection against addressing mistakes
- Secure remote access also over the Internet
- No changes or modification of the existing network structure are necessary
- No changes or modification of the existing applications or network stations are necessary
Siemens offers technical solutions for industrial security in three different forms:
-
Standard security mechanisms,
e.g. encryption, password protection, and the option of deactivating interfaces and services: These functions are included as standard in the most diverse devices such as SIMATIC S7, SIMATIC HMI, SIMATIC NET communications processors and SCALANCE network components. -
Specific security products
that handle security tasks exclusively: These are the SCALANCE S security modules and the SOFTNET Security Client VPN software. -
Security Integrated,
hardware components whose tasks are primarily in the area of communication, but which also provide the full security functionality from the area of firewall protection and VPN.