Siemens and Zscaler are partnering to enable customers to securely access Operational Technology (OT) systems and applications in the production network from the workplace – whether in the office or working remote. These new capabilities enable users to remotely manage and control quality assurance or diagnoses issues.
To ensure that the OT network is not exposed to any increased threat potential, Siemens and Zscaler have expanded the "Defense-in-Depth" OT concept secured by a Zero Trust Architecture. Based on the principle of "least-privilege access", Zero Trust only authorises application-specific access based on verified user identity and context. In combination with the existing OT security mechanisms, such as cell protection firewalls, this allows implementation of a granular access concept. In addition, production requirements for availability and real-time capabilities continue to be met. This is operationalised by installing the app connector for the cloud-based remote access service Zscaler Private AccessTM (ZPATM) on a Docker container in the Siemens Scalance LPE local processing platform, thus creating an access solution for industrial environments. Centralized management in the Zscaler Zero Trust ExchangeTM cloud platform and the use of outbound connections facilitate more restrictive configuration of existing firewall rules, and the reduction of operating costs for administration and monitoring. Existing legacy systems can also be easily retrofitted with the Zero Trust Exchange solution. This offering is now available to customers through Zscaler and Siemens.
Hanna Hennig, Information Technology CIO at Siemens, explains: "Operators of larger corporate networks are faced with the challenge of carrying out production work remotely with uniform security guidelines for OT and IT. By combining our communication technology with Zscaler technology, we can bring IT's Zero Trust approach directly into the OT environment. We have already successfully tested this approach in some of our own plants."
"Today, the protection of companies can no longer be limited to just IT settings. In times of converging IT and OT infrastructures, organisations must also take the security and access requirements of their production surroundings into account," says Deepak Patel, OT Security, Office of CEO at Zscaler. "Together, Siemens and Zscaler are now bringing the benefits of Zero Trust to OT environments, thereby increasing control and protection mechanisms for all technology assets, including in production environments."