Register for this Webinar
On-Demand Webinar:

Network Security in Industrial Ethernet Networks

Many industrial networks use Ethernet and the protocols of the TCP/IP stack. However, these protocols were designed long before security was a main goal for the development of networking protocol. Hence, these networks are inherently insecure and require additional protocols and extra care to be run securely. This presentation provides an overview of some of the lesser known security features that can help to harden your network against network-level attacks.



Originally presented: October 19, 2017
Duration: 1 hour
Presented by:

Overview

Many industrial networks use Ethernet and the protocols of the TCP/IP stack. However, these protocols were designed long before security was a main goal for the development of networking protocols. Hence, these networks are inherently insecure and require additional protocols and extra care to be run securely. This presentation provides an overview of some of the lesser known security features that can help to significantly harden your network against network-level attacks.

Starting with an overview of good network design practices, attendees will learn about spoofing attacks in Ethernet. ARP spoofing, DNS spoofing, rogue DHCP and tampering with wireless management frames pose a severe threat to any Ethernet network. However, simple and effective countermeasures such as Port Security, Dynamic Arp Inspection, DHCP snooping and IP Source Guard are rarely used in industrial environments. This presentation explains these mechanisms and shows how to apply them to industrial networks. We will briefly discuss attacks against the management frames of wireless networks. In addition, different network architectures as well as monitoring mechanisms are discussed and explained.

Finally, the audience will get a brief overview how network management software can simplify the task of adding firewalls to existing networks and how networks with many firewalls can be managed with adequate effort. A short overview of security monitoring mechanisms concludes the presentation.

Key Take-Aways

  • Learn the fundamentals of security in Ethernet and TCP/IP networks
  • Understand the importance of network design patterns like defense-in-depth and zones and conduits
  • Understand the strengths and limitations of network design patterns like the screened host and screened subnet design pattern
  • Learn how to efficiently manage networks with many firewall systems
  • Find out about the importance of network monitoring to react to breaches in a timely manner

Speakers

Tobias Heer, Prof. Dr., Technology and Innovation, Hirschmann Automation and Control GmbH

Tobias Heer has been with Belden since 2012 and has specialized in topics that revolve around security and wireless in industrial control systems. He is a professor for Networking and IT Security at the University of Applied Science in Albstadt-Sigmaringen, Germany. He received his doctoral degree in 2011 and worked as a postdoctoral researcher at the Chair of Communication and Distributed Systems at RWTH Aachen University. His focus areas are IT and network security, network protocol design, and wireless communication. Heer was involved in the development and standardization of secure Internet protocols in the Internet Engineering Task Force (IETF).

Lars Geiger, Dr., Project Management Office, Hirschmann Automation and Control GmbH

Lars Geiger joined Belden in 2012 and is the product owner of the firewall product lines. Besides his responsibilities for the software and hardware development of firewall products, his main interests are network protocol design and network security in general. He received his doctoral degree from the University of Stuttgart, where he worked in the research area of distributed computer networks.