OUR APPROACH

INDUSTRIAL IT INFRASTRUCTURE DESIGN

Sound network and security infrastructure is a prerequisite to today’s advanced manufacturing automation systems. Industry’s thirst for actionable information and intelligence has pushed the limits of legacy automation systems and the proprietary networks of days past. Modern IACS (Industrial Automation and Control Systems) are built on future-ready network and security infrastructures that are based on information technology (IT) best-practices. These infrastructures enable the “Connected Enterprise” and the Industrial Internet of Things (IIoT) while also providing real-time control of your critical production equipment. At Malisko, we consider industrial networking and security as one of our top priorities in building a solid automation foundation for your manufacturing facility. Infrastructure in this sense is the basis for everything we do. When it comes to infrastructure, we subscribe to the motto, “You’re either going to do it right, or you’re going to do it over.” We get it right the first time to enable your processes to run reliably, safely, consistently, and efficiently while satisfying the data requirements of today and the future.

INDUSTRIAL IT INFRASTRUCTURE DESIGN

Sound network and security infrastructure is a prerequisite to today’s advanced manufacturing automation systems. Industry’s thirst for actionable information and intelligence has pushed the limits of legacy automation systems and the proprietary networks of days past. Modern IACS (Industrial Automation and Control Systems) are built on future-ready network and security infrastructures that are based on information technology (IT) best-practices. These infrastructures enable the “Connected Enterprise” and the Industrial Internet of Things (IIoT) while also providing real-time control of your critical production equipment. At Malisko, we consider industrial networking and security as one of our top priorities in building a solid automation foundation for your manufacturing facility. Infrastructure in this sense is the basis for everything we do. When it comes to infrastructure, we subscribe to the motto, “You’re either going to do it right, or you’re going to do it over.” We get it right the first time to enable your processes to run reliably, safely, consistently, and efficiently while satisfying the data requirements of today and the future.

HOW INDUSTRIAL NETWORKING AND NETWORK SECURITY HAVE CHANGED

Industrial networking and security have evolved. Today, information flows in both directions — from the enterprise level all the way down to the process and machine control level. Proprietary controls networks have given way to converged Ethernet networks integrating more tightly with enterprise systems. The convergence of IT and OT (information and operations technology respectively), has brought a whole host of new challenges for manufacturers and systems integrators alike. Convergence of these technology platforms opens up many more vulnerabilities if the infrastructure is not properly designed. Poorly designed network infrastructure has sub-performance implications; but equally as important is how a design reflects overall consideration of security. Industrial networking and security go hand-in-hand, and should be designed in parallel. Malisko Engineering Network, Security, and Information Specialists bring a wealth of knowledge and experience to your team in applying IT concepts to the OT world. When you partner with Malisko, we are your ally in keeping your OT systems robust, safe, secure, and reliable.

DEFENSE-IN-DEPTH: THE PHILOSOPHY BEHIND INDUSTRIAL SECURITY

No single appliance or software package can serve as a comprehensive security safeguard in a manufacturing environment. That is why we employ a defense-in-depth strategy. Our experienced team has a detailed understanding of industrial networking and security. From proper network segmentation, policy enforcement, access control lists, to using the appropriate industrially-hardened IT equipment, we’re attentive to minute details of how network and security infrastructure affect the IACS. Our best-practice, multi-layered defense strategy consists of physical hardware layers, procedural layers and electronic layers of defense that complement, and even integrate directly with, your enterprise security. Every layer works together. Every layer is individually secure. And that adds up to form a wholly secure system. That’s defense-in-depth.

COLLABORATION BUILDS THE BEST PROCEDURES, AWARENESS, AND TRAINING

Convergence of IT and OT goes beyond the integration of hardware and software. We work with your IT and operations teams to balance functional and application requirements. You need sound, robust, and always-available network and security infrastructure that is transparent to your operation. Like building infrastructure, IT and OT infrastructure is simply expected to do its job in providing a platform that enables other activities and processes. The team who supports these systems needs to be comfortable with the physical and logical frameworks. Malisko-designed Network and Security infrastructure incorporates industry-best practices; but the overall deployment is unique to you and your operation. We take the extra time and care to get your team on-board with IT/OT convergence initiatives to get the most out of your future-ready system.

SECURING SERVERS, WORKSTATIONS, APPLICATIONS, AND DEVICES

When it comes to Industrial IT systems, we focus first on plantwide network and security infrastructure to pave the way for the rest of your system deployment. But even the best infrastructure deployments don’t provide end-point security for your peripheral devices. That’s why we take security down to individual components within your system. Your servers, workstations, applications, and devices all require security measures to fully and properly secure your system.

We set up a protection mechanism for your servers and workstations through thorough hardening methods including group policies, software patch management, anti-virus detection software, uninstalls of unused Windows components, and protection of computer interface ports, such as USB, parallel or serial interfaces.

We secure your applications by hardening out-of-the-box access. Many automation platforms have fully open security and administrator privileges granted for all users on fresh installations of the software suites. We go through the extra steps required to properly grant access. Our systems can track user access and user changes through authentication, authorization, change management and accounting.

We deploy industrial service routers to protect Cell/Area Zones within a manufacturing network restricting access to entire functional areas of a plant.

We use device hardening to restrict physical access to authorized personnel only, disable remote programming capabilities where appropriate, encrypt communications, restrict network connectivity to authenticated users and restrict access to internal resources. We practice controller hardening. This allows us to use authentication and authorization to restrict logical access to PLCs from restricted engineering workstations. We track both access and changes using change management. We restrict physical access to your system using cable lock-in and port block-out devices. Unauthorized personnel will simply not have “walk up, plug in” access to your system and your network.

We implement switch hardening using firewalls, network infrastructure access protection, domains of trust, secure remote access policies and encrypted switch operation systems.

THE IMPORTANCE OF INDUSTRIAL IT

Learn how industrial and enterprise networks are different and how they should be treated differently.

Click To Start Your Free White Paper Download

500 N BROADWAY SUITE 1600 ST LOUIS, MO 63102

(314) 621-2921

500 N BROADWAY
SUITE 1600
ST LOUIS, MO 63102

(314) 621-2921