To ensure that the OT network is not exposed to any increased threat potential, Siemens and Zscaler have expanded the 'defence-in-depth' OT concept secured by a zero trust architecture. Based on the principle of "least-privilege access", zero trust only authorises application-specific access based on verified user identity and context. In combination with the existing OT security mechanisms, such as cell protection firewalls, this allows implementation of a granular access concept. In addition, production requirements for availability and real-time capabilities continue to be met. This is operationalised by installing the app connector for the cloud-based remote access service Zscaler Private Access (ZPA) in a Docker container on the Siemens Scalance LPE local processing platform, thus creating an access solution for industrial environments. Centralised management in the Zscaler Zero Trust Exchange cloud platform and the use of outbound connections facilitate a more restrictive configuration of existing firewall rules and a reduction of operating costs for administration and monitoring. Existing legacy systems can also be easily retrofitted with the Zero Trust Exchange solution. This offering is now available to customers worldwide through Zscaler and Siemens.
Siemens information technology CIO Hanna Hennig explains: "Operators of larger corporate networks are faced with the challenge of carrying out production work remotely with uniform security guidelines for OT and IT. By combining our communication technology with Zscaler technology, we can bring IT's zero trust approach directly into the OT environment. We have already successfully tested this approach in some of our own plants."
"Today, the protection of companies can no longer be limited to just IT settings. In times of converging IT and OT infrastructures, organisations must also take the security and access requirements of their production surroundings into account," says Zscaler office of CEO OT security Deepak Patel. "Together, Siemens and Zscaler are now bringing the benefits of zero trust to OT environments, thereby increasing control and protection mechanisms for all technology assets, including in production environments."
Industrial networks mainly use a protection concept in which the system is subdivided into separate production cells. Each of these cells is individually protected by appropriate measures, such as a cell protection firewall. In office networks, the zero trust concept is steadily gaining traction, with all participants, users and devices first having to prove their identity and integrity before communication with a target resource can take place.
Zscaler accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centres globally, the SASE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.