Understanding Firewalls and Their Role in Industrial Networks
A firewall is a device placed between an organization's internal network and external networks to control traffic flow.
It selectively forwards or blocks packets based on rules, protecting specific hosts or services from unauthorized
access.
Firewalls monitor network traffic at the network level, working with routers to filter packets and ensure security. This
presentation explores the differences between traditional IT firewalls and specialized industrial firewalls, their
architecture, and their critical role in protecting operational technology environments.
Presented by Deepak Kumar
MT24GCS704
Industrial/ICS/OT Firewall

Specialized Protection
Industrial firewalls secure industrial control systems (ICS) and SCADA systems, defending against cyber threats unique to industrial environments.

Designed for Harsh Conditions
Built to withstand extreme temperatures, vibrations, and electromagnetic interference common in industrial settings.

Key Functions
Include stateful inspection, intrusion detection/prevention, VPN support, access controls, and application layer filtering.
OT vs. IT Firewalls: Key Differences

IT Firewalls
Protect enterprise networks and data centers from malware, unauthorized access, and intrusions. Typically deployed at network perimeters using traditional security measures.

OT Firewalls
Designed for operational technology systems like ICS and SCADA. Prioritize uptime, optimized for low latency, real-time communication, and built to endure industrial conditions.
OT Firewall Architecture – Purdue Model
Firewall Traffic Filtering Criteria
Filtering decisions depend on traffic type, source and destination addresses, and ports. Some firewalls analyze
application data to apply complex rules for allowing or blocking traffic.
This layered filtering approach enhances security by ensuring only authorized traffic passes through, protecting
critical network resources from unauthorized access or attacks.
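The filtering criteria above, as an added example that is not part of the presentation: a minimal first-match packet filter that decides on protocol, source and destination address (CIDR) and destination port, and, where a rule asks for it, also inspects the application payload. The application check parses Modbus/TCP and admits only read function codes, so a write request that matches the header rule is still denied. All addresses, rules and frames are constructed for illustration.

```python
# Added example (not from the presentation): a minimal first-match packet
# filter applying the listed criteria: protocol, source and destination
# address, destination port, and, where a rule asks for it, the application
# payload (Modbus/TCP function code). Addresses, rules and frames are
# constructed for illustration.
import ipaddress
import struct
from dataclasses import dataclass
from typing import Callable, List, Optional

# Function codes that only read coils/registers; anything else (writes,
# diagnostics) is refused by the application-layer check.
MODBUS_READ_FUNCS = {1, 2, 3, 4}


@dataclass
class Packet:
    proto: str          # "tcp" or "udp"
    src: str
    dst: str
    dport: int
    payload: bytes = b""


@dataclass
class Rule:
    action: str                                  # "allow" or "deny"
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None
    app_check: Optional[Callable[[bytes], bool]] = None


def modbus_frame(func: int, body: bytes, unit: int = 1, tid: int = 1) -> bytes:
    """Build a Modbus/TCP request: MBAP header (tid, protocol id 0, length, unit) + PDU."""
    pdu = bytes([func]) + body
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


def modbus_function_code(payload: bytes) -> Optional[int]:
    """Return the function code of a well-formed Modbus/TCP request, else None.
    The MBAP length field counts the unit id plus the PDU, so it must equal the
    payload length minus the 6 header bytes that precede it."""
    if len(payload) < 8:
        return None
    _tid, proto_id, length, _unit = struct.unpack(">HHHB", payload[:7])
    if proto_id != 0 or length != len(payload) - 6:
        return None
    return payload[7]


def modbus_read_only(payload: bytes) -> bool:
    fc = modbus_function_code(payload)
    return fc is not None and fc in MODBUS_READ_FUNCS


def matches(rule: Rule, pkt: Packet) -> bool:
    """Header-level match on protocol, addresses (CIDR) and destination port."""
    if rule.proto != "any" and rule.proto != pkt.proto:
        return False
    if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(rule.src):
        return False
    if ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(rule.dst):
        return False
    if rule.dport is not None and rule.dport != pkt.dport:
        return False
    return True


def decide(rules: List[Rule], pkt: Packet) -> str:
    """First matching rule wins. If that rule carries an application check and
    the payload fails it, the packet is denied rather than falling through to
    a later, looser rule. No rule matched: default deny."""
    for rule in rules:
        if not matches(rule, pkt):
            continue
        if rule.app_check is not None and not rule.app_check(pkt.payload):
            return "deny"
        return rule.action
    return "deny"


# Constructed policy: the Level 3 SCADA/historian subnet may poll the PLC at
# 10.2.0.10 over Modbus/TCP, read-only; everything else is dropped.
RULES = [
    Rule("allow", proto="tcp", src="10.3.0.0/24", dst="10.2.0.10/32",
         dport=502, app_check=modbus_read_only),
]

READ_HOLDING = modbus_frame(3, struct.pack(">HH", 0, 10))   # FC 3: read 10 registers from 0
WRITE_SINGLE = modbus_frame(6, struct.pack(">HH", 0, 1))    # FC 6: write register 0


def demo() -> dict:
    """Verdicts for a few constructed packets."""
    return {
        "scada_read":      decide(RULES, Packet("tcp", "10.3.0.5", "10.2.0.10", 502, READ_HOLDING)),
        "scada_write":     decide(RULES, Packet("tcp", "10.3.0.5", "10.2.0.10", 502, WRITE_SINGLE)),
        "enterprise_read": decide(RULES, Packet("tcp", "10.4.0.5", "10.2.0.10", 502, READ_HOLDING)),
        "scada_udp_502":   decide(RULES, Packet("udp", "10.3.0.5", "10.2.0.10", 502, READ_HOLDING)),
        "scada_garbage":   decide(RULES, Packet("tcp", "10.3.0.5", "10.2.0.10", 502, b"\x00" * 3)),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:16} {verdict}")
```

The design choice worth noting is in `decide`: a header match with a failed payload check returns deny immediately instead of continuing down the list, so a later, broader allow rule cannot quietly readmit a Modbus write. A malformed frame on port 502 is likewise denied, since the parser returns no function code.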
Firewall Between Level 5 (Internet DMZ) and Level 4 (Enterprise Admin)

Purpose
Blocks direct internet access to internal business systems.

Protection
Prevents external attackers from reaching enterprise services like file servers and databases. Enables controlled VPN or proxy access.

Features
Includes IDS/IPS, geo-IP filtering, SSL inspection, and application-layer filtering.
Firewall Between Level 4 (Enterprise Admin) and Level 3 (Operations Admin)
This firewall acts as a critical segmentation layer between the IT and OT domains, preventing unauthorized enterprise
devices from accessing OT systems.
It mitigates the risk from phishing-compromised desktops and allows only explicitly allow-listed traffic, such as OPC UA,
Modbus, or historian traffic, following the IEC 62443 zone-and-conduit model.
Firewalls Within Level 3: Segmentation Between Operational Subdomains
These firewalls isolate components like historians, domain controllers, monitoring systems, and third-party
integration points.
This segmentation prevents compromise of one asset from spreading and protects monitoring systems from
misconfigured or malicious devices, enhancing overall network security.
Firewalls Between Level 3 and Level 2 (Supervisory Control)
This is the most critical control point, enforcing boundaries between administrative OT systems and real-time
control systems.
It blocks rogue traffic such as unauthorized software updates or lateral scanning and allows only necessary
command and monitoring traffic, protecting the physical process from cyber threats.
Edge Firewalls Within Level 2: Micro-Segmentation
Optional but increasingly recommended, these firewalls provide micro-segmentation between work cells, PLCs, or HMIs.
They enforce granular policies, for example, allowing “HMI A” to communicate with “PLC A” but not “PLC B,”
reflecting modern ICS designs with distributed firewalls for resilience.
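The Level 4/3 boundary, the Level 3/2 boundary and the Level 2 micro-segmentation described above, as one added example that is not part of the presentation: a policy model in which each host is mapped to a zone, traffic may cross a zone boundary only through a conduit that names the protocol and port (in the spirit of IEC 62443 zones and conduits), conduits are accepted only between adjacent Purdue levels, and inside Level 2 an asset allow-list lets "HMI A" reach "PLC A" but not "PLC B". Zone names, addresses, ports and the sample flows are constructed.

```python
# Added example (not from the presentation): a zone-and-conduit policy model
# of the Purdue boundaries above. Zone names, addresses, ports and sample
# flows are constructed for illustration.
import ipaddress
from typing import Dict, Optional, Set, Tuple

# zone name -> (Purdue level, address range)          (constructed)
ZONES: Dict[str, Tuple[int, str]] = {
    "internet_dmz": (5, "203.0.113.0/24"),
    "enterprise":   (4, "10.4.0.0/16"),
    "ops_admin":    (3, "10.3.0.0/16"),
    "supervisory":  (2, "10.2.0.0/16"),
}

# Conduits: (src_zone, dst_zone, proto, dport). Anything not listed is denied.
CONDUITS: Set[Tuple[str, str, str, int]] = {
    ("enterprise", "ops_admin", "tcp", 4840),   # OPC UA to the Level 3 OPC server
    ("enterprise", "ops_admin", "tcp", 443),    # historian web/API
    ("ops_admin", "supervisory", "tcp", 502),   # Modbus/TCP polling by SCADA/historian
    ("ops_admin", "supervisory", "tcp", 4840),  # OPC UA to supervisory servers
}

# Micro-segmentation inside Level 2: HMI address -> {(PLC address, proto, dport)}.
CELL_PAIRS: Dict[str, Set[Tuple[str, str, int]]] = {
    "10.2.1.10": {("10.2.1.20", "tcp", 502)},   # HMI A -> PLC A
    "10.2.2.10": {("10.2.2.20", "tcp", 502)},   # HMI B -> PLC B
}


def validate_conduits() -> None:
    """Refuse a ruleset containing a conduit that skips a level
    (e.g. Level 4 straight to Level 2); a design choice of this example."""
    for src, dst, _proto, _port in CONDUITS:
        if abs(ZONES[src][0] - ZONES[dst][0]) != 1:
            raise ValueError(f"conduit {src}->{dst} skips a Purdue level")


def zone_of(ip: str) -> Optional[str]:
    addr = ipaddress.ip_address(ip)
    for name, (_level, net) in ZONES.items():
        if addr in ipaddress.ip_network(net):
            return name
    return None


def decide(src: str, dst: str, proto: str, dport: int) -> Tuple[str, str]:
    """Return (verdict, reason) for a new connection. Replies are assumed to be
    admitted by stateful tracking and are not modelled. Traffic inside a zone
    other than Level 2 is left to that zone's internal segmentation firewalls
    and is simply passed here."""
    sz, dz = zone_of(src), zone_of(dst)
    if sz is None or dz is None:
        return "deny", "address not in any zone"
    if sz == dz == "supervisory":
        if (dst, proto, dport) in CELL_PAIRS.get(src, set()):
            return "allow", "cell allow-list"
        return "deny", "cross-cell traffic"
    if sz == dz:
        return "allow", "intra-zone"
    if (sz, dz, proto, dport) in CONDUITS:
        return "allow", f"conduit {sz}->{dz} {proto}/{dport}"
    if abs(ZONES[sz][0] - ZONES[dz][0]) > 1:
        return "deny", "no conduit: skips a level"
    return "deny", "no conduit"


def demo() -> Dict[str, str]:
    """Verdicts for constructed flows across the modelled boundaries."""
    validate_conduits()
    samples = {
        "desktop_to_opcua":  ("10.4.5.5", "10.3.0.10", "tcp", 4840),
        "desktop_to_plc":    ("10.4.5.5", "10.2.1.20", "tcp", 502),
        "historian_to_plc":  ("10.3.0.50", "10.2.1.20", "tcp", 502),
        "historian_ssh_plc": ("10.3.0.50", "10.2.1.20", "tcp", 22),
        "hmi_a_to_plc_a":    ("10.2.1.10", "10.2.1.20", "tcp", 502),
        "hmi_a_to_plc_b":    ("10.2.1.10", "10.2.2.20", "tcp", 502),
        "internet_to_smb":   ("203.0.113.7", "10.4.0.9", "tcp", 445),
    }
    return {name: decide(*args)[0] for name, args in samples.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:18} {verdict}")
```

Two checks in this model are the ones a reviewer of a real ruleset looks for: `validate_conduits` rejects any conduit that bypasses a level, so a Level 4 desktop cannot reach a PLC even on a port the Level 3 conduit permits, and the Level 2 branch has no wildcard, so an HMI that is not paired with a PLC gets nothing rather than everything.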