Select Page

Segmenting My OT Network for Cyber Resiliency


Segmenting My OT Network for Cyber Resiliency


Improving Your Cyber Resiliency with OT Network Segmentation

When a ransomware called LockerGoga hit one the largest aluminum producers in the world, the organization was forced to take computer systems offline and switch to manual operations. The malicious phishing attack led to costly outages and production slowdowns.

But LockerGoga isn’t the only cyber threat to impact industrial operations. A new type of ICS malware called TRITON recently reprogrammed a facility’s Safety Instrumented System (SIS) controllers, causing an automatic shutdown of the industrial process.

Regardless of whether a cyber incident originates on the IT side of the business, or was introduced intentionally or accidentally on the OT side, a single firewall separating IT and OT is no longer enough.

Without effective segmentation of ICS and SCADA networks, ransomware and other cyber threats gain free flowing lateral access to operational systems, enabling potentially dangerous disruption or damage.


Real-time Network Visualization

As outlined in IEC 62443 standards, OT segmentation is considered best practice when it comes to controlling communications across ICS and SCADA systems.

OT zone segmentation is an effective way to mitigate perimeter breaches, as well as prevent intentional and accidental OT and IoT cyber incidents from spreading. But achieving effective network segmentation requires visibility into your OT network structure, and insight into where vulnerabilities lie.

The Nozomi Networks solution automatically creates a visualization of your entire network, often uncovering aspects of your industrial control system you weren’t previously aware of.

Upon deployment, it immediately analyzes your ICS network traffic and builds a live, interactive network visualization containing extensive information, including:

  • The identity of all entities communicating over the network
  • The ability to navigate and filter to see:
Nodes Links
Zones Sessions
Topology Traffic
Subnets Protocols
Network segments Open TCP connections

Using this information makes it easy to identify segmentation problems or determine where new segmentation is needed.  

The Nozomi Networks solution also automatically identifies asset vulnerabilities. This allows operators to use segmentation as a risk mitigation measure for groups of devices with the same vulnerabilities.

Overall, the solution’s advanced network visualization and vulnerability assessment capabilities help identify opportunities to strengthen cyber resiliency and prevent a network infection from spreading.


Nozomi Networks Solution: Network Visualization Topology
The Network View pane on the left allows users to easily navigate and filter by different subnets and network segments. The views on the right show details of the network area selected.

Superior Operational Visibility

Vantage’s network visualization capabilities help improve your understanding of the network structure and activity. It delivers the information needed to plan and implement an effective OT network segmentation strategy.

More Challenges


Effectively Monitoring My SCADA Networks

To optimize the use of raw materials, production schedules and logistics, I need visibility into – and data out of – my OT/IoT networks.

Learn More


Proactively Identifying Equipment Wear

A truck can cost $5M. A single tire, $60K. I need to know if any component is approaching burnout before it disrupts process stability.

Learn More


Defending the Mine Against Malicious Data Theft

To protect my production numbers, business plans and IP from prying eyes, I need to secure my OT data and systems.

Learn More

Want to Know More?