This document will examine three use cases related to using Palo Alto Networks next-generation firewall within an Industrial Control System (ICS) environment. The primary goal for all three use cases is to provide additional security measures to protect the ICS network. It is also important that these measures allow for automation where possible to reduce operational costs and incident response fatigue.

- Introduce multi-factor authentication (2FA) for access to the Operational Technology (OT) networks and applications.
- Auto-quarantine endpoints upon authentication failure and critical security events.
- Provide encrypted conduits from ICS locations to various data centers and dynamically mesh these tunnels.

High-level diagram depicting IT/OT boundary where the multi-factor security use cases would be applied:

The general flow is depicted in the chart below. In this example, administrative attention is required in order to remove an endpoint from the quarantine group. However, it is possible within PAN-OS version 8.x to dynamically remove as well as add a tag to the offending source traffic. This would potentially allow for complete automation in moving endpoints between quarantine and other dynamic address groups.