Der Blätterkatalog benötigt Javascript.
Bitte aktivieren Sie Javascript in Ihren Browser-Einstellungen.
The Blätterkatalog requires Javascript.
Please activate Javascript in your browser settings.
itsa 2025 24 itsa Magazine 2025 www markttechnik de • Network inventory to identify all devices This process helps to create a clear understanding of the devices present on the network which is essential for effective management and monitoring With an inventory list that is always up to date companies are wellinformed about the status of individual devices can identify unauthorised or unknown devices and ensure that all devices are taken into account in accordance with applicable security policies and procedures • Use of continuous monitoring tools Realtime monitoring solutions track device activity detect anomalies and respond immediately to potential threats These tools provide insight into device performance communication patterns and data flow enabling the detection of unusual or suspicious behaviour Companies should look for tools that use artificial intelligence to penetrate anomalies in network traffic in order to identify potentially compromised devices – especially since availability of endpointbased protection measures for the IIoT is very limited • Regular security audits or penetration tests Security audits serve to comprehensively review policies configurations and practices to ensure that they comply with all applicable security and compliance requirements Penetration tests simulate real attacks to assess the effectiveness of existing protective measures and uncover potential security vulnerabilities Focus Eliminating common vulnerabilities Eliminating common vulnerabilities – in the form of builtin backdoors and unpatched firmware – is crucial to maintaining the security of connected devices in the long term Backdoors are hidden or undocumented access points in a device‘s software or firmware that allow unauthorised access to the device or its network These backdoors are often builtin by manufacturers for maintenance or troubleshooting purposes but can be exploited by attackers criminals?? if not properly secured The following measures are necessary to eliminate common vulnerabilities including builtin backdoors • Review the manufacturer‘s device documentation for potential vulnerabilities This includes checking the security guidelines the firmware update process default settings and any known issues or notices related to the device • Change default logins and initial access information Preset user names and passwords should be replaced immediately with strong unique login details for all IIoT devices Default login information is often known making it easy for attackers to exploit Using a unique password for each device is an effective way to prevent widespread compromises • Consistent implementation of security patches Regular security patches and updates on all IIoT devices help to fix known vulnerabilities and improve device security Manufacturers frequently release patches to fix bugs close security gaps and improve protection against new threats Focus secure deployment An important step in secure deployment is restricting access to critical resources This is where network segmentation comes into its own It involves dividing a network into smaller isolated segments or subnets each with its own security controls This measure prevents threats from spreading unhindered throughout the network and reduces the risk of a compromised IIoT device leading to a major security breach IIoT devices should be used in their own network segment separate from other areas with VLAN structures and firewalls with dedicated security controls ideally in place between the different network segments Last but not least implementing a zerotrust architecture helps to further mitigate the risk It is also important to set up access controls and establish guidelines that determine who or what is allowed to access certain resources within a network This includes the management of user rights The aim here is to ensure that users are given access to the devices they need for their daily work depending on their role in the company When defining access controls companies should also ensure that they have strong authentication and identity management in place for all devices It is also essential to monitor access consistently and to regularly review access management policies Conclusion Insecure poorly configured and vulnerable IIoT devices are a tempting target for malicious actors individuals? Companies are therefore well advised to obtain a complete overview of all devices operating on their network They should monitor their network for vulnerabilities and patch it regularly segment it and enforce strict access controls to limit the impact of a potential attack and reduce the security risk At itsa 2025 WatchGuard will present corresponding solutions including the realtime monitoring solution “WatchGuard Threat-Sync+ NDR” and the T-Series firewall appliances ak WatchGuard Technologies Hall 7 Booth 230 Hall 8 Booth 424 With the recently introduced T-Series firewall appliances nothing stands in the way of effective network segmentation Image WatchGuard Technologies