Modern hackers, looking for ways to monetize their capabilities, have increasingly turned their attention to OT networks. IT assets can be backed up, but ransomware on an OT network can completely shut down a target’s production. OT networks are designed around a zoned security model in which each zone is a shared flat network, so an attack that gets past the zone firewall defenses can spread laterally. Furthermore, digital transformation business initiatives trigger application changes that weaken the effectiveness of the firewall. For example, factory upgrades that increase productivity with cloud-based manufacturing AI can expand the attack surface, exposing legacy devices to modern cyber-threats.
Today, a contributing factor to data leaks, insider threats, and cyberattacks is the organization’s need for cross-zone connectivity. Frequently, an advanced application needs to connect across multiple zones, which leads to firewall exceptions (e.g. Microsoft services using port 445). A worm can then leverage those exceptions to attack machines in other zones. Even servers in transit zones become vulnerable to infection, and soon enough, the entire network becomes compromised.
Since CoIP routes on an overlay plane, all the firewall exceptions and holes can now be closed. CoIP then uses Layer 7 Application Interlock (including authentication and fingerprinting) to grant specific applications and users access inside the overlay, while blocking all other, unauthorized traffic. As shown in the diagram below, CoIP’s overlay technology allows companies to block malware on three fronts:
Copyright © 2019 Zentera Systems, Inc.
All Rights Reserved.
All other trademarks and copyrights are the property of their respective owners.