Palo Alto has extended its relationship with Siemens to prevent attacks on critical infrastructure. This latest move will see the two companies integrate products into a new security platform. The goal is to deliver a solution that will replace the traditional PC gateway often used in IT, OT and ICS environments. By creating a single solution, it should be easier to deploy, manage and update.
Anand Oswal, senior vice president of Network Security for Palo Alto Networks, said: “Critical infrastructure, such as smart utility substations, intelligent transportation systems, traffic signaling, and private broadband gateways in remote locations, is incredibly challenging to secure because the systems are highly distributed, complex and often in very harsh environments. But securing these systems is paramount as they make for high-profile targets for cyberattacks, with impacts that go beyond economic consequences.
“By bringing together our Next-Generation Firewall technology with Siemens’ experience in industrial control systems and unique environments, companies can protect their industrial control systems and other key infrastructure without compromising security, performance, or the ability to scale.”
What will be in this new solution?
Both companies are delivering technology to the solution. Palo Alto is contributing its VM-Series Virtual Next-Generation Firewalls. It is a product line often bought by large enterprises looking to protect their networks. As such, Palo Alto has managed services it can deliver around the firewalls. It also uses machine learning inside the firewalls allowing them to adapt to new attacks as they emerge.
Siemens is bringing its Ruggedcom Multi-Service Platform. Unlike the Palo Alto firewalls, this is a set of network modules designed for extreme environments. They have an operating temperature range of -40oC to 85oC and are hardened to handle shock and vibration. Additionally, they can operate in environments with high electromagnetic interference. It makes them ideal for military, complex manufacturing and remote environments.
The plan is to deliver the Palo Alto VM Series Virtual NGFWs on the Ruggedcom RX1500 series device. It will give customers a highly robust, hardened device with an enterprise-level virtual firewall. It can be deployed in static locations for CNI, or it could be deployed into more mobile environments. For example, onboard ships, trains, submarines and even spacecraft.
Enterprise Times: What does this mean?
The key element here is that the two companies are delivering proper hardened equipment with enterprise-ready software. It is a solution that is robust enough to be deployed anywhere yet manageable by SOC teams as part of a managed services plan. In replacing the PC gateway, it is also a solution that should significantly improve security, not weaken it.
As attention continues to focus on OT and CNI, it would be a surprise if we didn’t see more solutions like this. The PC as a gateway has proven to be a flawed solution, albeit the only one we had for a while. Now we are moving forward, and that, for many organisations, will be welcomed.
