Professional Documents
Culture Documents
Daniel Hertweck
IT/OT Convergence Specialist
Yazan Alnajjar
Industrial Cybersecurity Specialist
IT INFRASTRUCTURE
FOR OT ENVIRONMENTS
The core of the Industrial Automation DataCenter is a virtualization solution with virtual
machines, supplemented by suitable hardware and software components for increased
overall system availability and energy-efficiency.
The operating system and The hypervisor handles SIMATIC Virtualization as a Service
the user software are made the dynamic distribution offers this technology as a ready-to-
available in form of a virtual of the host resources to run complete system including
machine (VM). the virtual machines. configuration and system support.
SIMATIC PCS 7
Security threats
demand action
Defense in Depth
based on IEC 62443
Plant Security
Network Security
System Integrity
Industrial Cybersecurity
Services
is a designated area within a network that acts as a buffer zone between the internal, trusted
network and the external, untrusted network (e.g., the internet). It is designed to enhance security
and control over the flow of data and communication.
The primary purpose of an industrial DMZ is to improve the security posture of critical
infrastructure and industrial control systems (ICS). It helps protect against cyber threats and
unauthorized access to industrial networks, which can have serious safety and operational
implications.
DMZs facilitate the controlled exchange of data between the internal and external
networks, allowing organizations to monitor and filter traffic, and manage access to sensitive
systems.
Level - 4
Level - 3.5
Level - 3
Level - 2
Level - 1
Perimeter Zone
Middle Zone
Internal Zone
• Security Assessments
• Industrial Security Consulting
• Security Awareness Training
• Endpoint Protection
• Vilocify Vulnerability Services
• Patch Management
• Backup and Restore
Operational
High energy efficiency and space Continuity
thanks to remote
savings through virtualization platform management of
and optimized use of IT resources infrastructure by
IT/OT experts
Systems
> 3.100
Virtual Machines
> 40.000
Customers
> 500
Siemens is ranked #3 in global market share of the Top 10 Industrial Software Companies,
[ahead of Amazon (#4), Oracle (#5) and IBM (#8)] – Global IOT Analytics
Customer challenge
• Reliable digitalized infrastructure providing accessibility and connectivity
for all systems
• Compliance with highest requirements of pharma industry (GMP, FDA, ISA 88)
Solution
• SIMATIC Virtualization as a Service
• Backup and Restore Professional server, Process Historian server
• On-site and remote support during the implementation phase
• Technical support for the network and active directory integration
• Consulting, Implementation and Optimization Services for the entire lifecycle
Customer benefit
Pre- High • Pre-configured, tested system and utilization of the latest digital technologies
• High availability and reliability while maintaining system flexibility
configured availability • Basic IT/OT security measures implemented as standard
and tested and • Coordinated lifecycle services, technical pre-sales and after-sales support
from Siemens provide security and cost transparency
reliability
Yazan Alnajjar
Industrial Cybersecurity Specialist
yazan.alnajjar@siemens.com
www.siemens.com/iadc
© Siemens 2023
Siemens provides products and solutions with industrial security functions that support the secure operation of plants,
systems, machines and networks.
In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain –
a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions constitute one element of such a concept.
Customers are responsible for preventing unauthorized access to their plants, systems, machines and networks. Such systems,
machines and components should only be connected to an enterprise network or the internet if and to the extent such a connection
is necessary and only when appropriate security measures (e.g., firewalls and/or network segmentation) are in place.
For additional information on industrial security measures that may be implemented, please visit https://www.siemens.com/cybersecurity.
Siemens’ products and solutions undergo continuous development to make them more secure. Siemens strongly recommends that product
updates are applied as soon as they are available and that the latest product versions are used. Use of product versions that are no longer
supported, and failure to apply the latest updates may increase customer’s exposure to cyber threats.
To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed
under https://www.siemens.com/cybersecurity.