Company Information

For many years the prevailing wisdom to OT security was isolation through air-gap. Apart from high-security environments, this approach has both practical and rational limitations, especially where OT devices are located over a large geographical area.

Supporting air-gapped networks requires additional human resources, infrastructure, security and monitoring. By implementing air gaps, synergies of using converged data, communications and control network are lost.

In the absence of an air-gapped network, companies usually turn to either connecting OT devices straight to the data (IT) network or using VLANs to segregate these devices from the data network.

However, VLANs are generally considered inadequate when used as a security mechanism. VLANs were designed as a network management feature and isolation is not usually propagated across the WAN. This means that unless the device is further secured, the device is still open to attacks across the wider network.

VLANs however do have a part to play in securing OT networks. When configured as a Private VLAN with port isolation and combined with a Splice Cloaking Device, this can effectively isolate the OT network to provide the logical equivalent of an air gap.

Where the Cloaking devices in combination with the supernodes and controller establish an OT Overlay Network, enhancements such as traffic filtering, virtual patching, IPS, authentication offloading and even role-based access can be achieved.

These features are combined with robust behavioural profiling in one package: Cybersplice.