在工业网络中实施分段.pdf

1、#CiscoLive#CiscoLiveAndrew McPhee,Industrial Security Solutions ManagerBRKIOT-2882BRKIOT-2882Implementing Segmentation in Industrial Networks 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEnter your personal notes hereCisco Webex App Questions?Use Cisco Webex App to chat

2、 with the speaker after the sessionFind this session in the Cisco Live Mobile AppClick“Join the Discussion”Install the Webex App or go directly to the Webex spaceEnter messages/questions in the Webex spaceHowWebex spaces will be moderated by the speaker until June 9,2023.1234https:/ 2023 Cisco and/o

3、r its affiliates.All rights reserved.Cisco PublicBRKIOT-28823Agenda 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicWhy Segmentation is ImportantOverview of Ciscos Industrial Security GuidelinesIEC 62443 Zones&ConduitsIdentifying the AssetsMacro vs Micro SegmentationImplementing Seg

4、mentation with Cisco Identity Services Engine(ISE)Q&ABRKIOT-28824Security can and should be simple!Why Segmentation is Important 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLive7Attack Techniques used to exploit the Industrial NetworkBRKIOT-2882Initial Access(TA0108)Discov

5、ery(TA0102)Lateral Movement(TA0109)Command and Control(TA0101)2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveJourney to Securing the Industrial NetworkBuild a Security Build a Security FoundationFoundation1 1Develop an Incident Develop an Incident Investigation&Investigat

6、ion&Response planResponse plan4 4Gain Visibility&Gain Visibility&Device PostureDevice Posture2 2Segment network Segment network into smaller trust into smaller trust zoneszones3 3Cisco Cyber VisionCisco Identity Services EngineITSensorZONE 1ZONE 2SensorSensorDefine the IT/OT Boundary with Cisco Secu