EnergySec’s new white paper, “Network Perimeter Defense: Best Practices in Network Segmentation,” has now been released. Read the paper for tips on how to segment operational technology (OT) and informational technology (IT) networks.
Abstract: This paper will examine different ideas for how to effectively segment networks. It will examine the Zero Trust Model, which is based on the idea that it is no longer adequate to assume a network has a “trusted inside” and “untrusted outside.” It then examines a couple different models for how to segment a control systems network using a DMZ or the Purdue Model. The paper finishes with looking at how effective network segmentation helps lead to compliance with the NERC CIP requirements.