Security issues in today's OT environments

Traditionally, some OT devices have been connected to the OA environment to collect data, and there are also an increasing number of cases where remote access from outside the factory is required. This increases the risk of cyber attacks targeting OT environments.

In particular, OT environments are often physically isolated from the Internet and OA environments, and because special protocols and devices are used, it has been difficult to introduce conventional security solutions. In addition, many sites still use devices with legacy operating systems, and the risk of attacks targeting their vulnerabilities cannot be ignored.

Against this background, strengthening the security of OT environments has become increasingly important in recent years.

Figure: Example of OT NW​

Enhancing OT Security with Cato SASE Cloud

In response to this background, OT Security functionality has been newly released for Cato SASE Cloud, enabling comprehensive visualization and control of not only OA environments but also OT environments, and enabling centralized management and strengthening of the security of both environments.

By utilizing the OT security functions of Cato SASE Cloud, it is expected that traditional issues can be resolved and a safer, hybrid security system can be built. In particular, the threat prevention functions of firewalls and IPS can effectively block attacks that target vulnerabilities in legacy OS.

Cato's Visibility into OT Security

By utilizing the OT security visualization function of Cato SASE Cloud, you can grasp device information in your bases and factories from multiple perspectives. Specifically, you can visualize the following information in a unified manner.

• Type of connected device
• Device Model List
• Device OS information
• Manufacturer Information
• Statistics by device

In addition, Cato SASE Cloud supports centralized management of overseas bases, and can seamlessly visualize devices in overseas factories that were previously difficult to manage. This enables integrated management on a global scale regardless of base, which is expected to enable faster responses and risk reduction.

Cato SASE Cloud's global visualization and control functions, which have traditionally demonstrated their strengths in OA environments, also take full advantage of their advantages in OT environments.

Integration with existing security features

OT security in Cato SASE Cloud works in conjunction with existing security functions such as firewalls and IPS to make the following information visible:

• Devices blocked by security features
• Applications used by OT equipment
• Applications used by IoT devices
• Device of logs output by Firewall

Another feature of this solution is the ability to flexibly control and monitor communication policies for each device.

This enables you to strengthen security management on a global scale, such as by appropriately controlling devices that are allowed to connect to the Internet and those that should be restricted to communication within the company network, and by centrally managing all devices, including those at overseas bases.

Summary

In recent years, there has been a rapid demand for strengthened security in the OT area, and by using Cato SASE Cloud, it is possible to strengthen seamless visualization and monitoring systems on a global scale.
Previously, when introducing security measures for OT environments, the complex configuration required for network separation from the OA environment and the installation and adjustment of dedicated hardware on-site were burdensome. However, by introducing the OT security functions of Cato SASE Cloud, these complex processes can be omitted.
Furthermore, there are many devices equipped with legacy OS remaining in OT environments, and it has been pointed out that these vulnerabilities may be targets of attacks. Cato SASE Cloud applies advanced security functions such as firewalls and IPS to these devices as well, effectively eliminating threats such as malware and unauthorized access.
Integrated security management can be started immediately after implementation and can be deployed in a short period of time, allowing for speedy strengthening of security.

In order to use this function, an optional IoT/OT Security license is required.
If you are interested, please contact us here!