The Purdue Reference Model, as adopted by ISA-99, is a model for Industrial Control System (ICS) network segmentation that defines six layers within these networks, the components found in the layers, and logical network boundary controls for securing these networks.
Deep Packet Inspection
Deep packet inspection (DPI) is an advanced method of examining and managing network traffic. It is a form of packet filtering that locates, identifies, classifies and reroutes or blocks packets with specific data or code payloads that conventional packet filtering, which examines only packet headers, cannot detect.
OSI Model
The OSI Model (Open Systems Interconnection Model) is a conceptual framework used to describe the functions of a networking system. The OSI model characterizes computing functions into a universal set of rules and requirements in order to support interoperability between different products and software.
MODBUS
Modbus is a data communications protocol originally published by Modicon in 1979 for use with its programmable logic controllers. Modbus has become a de facto standard communication protocol and is now a commonly available means of connecting industrial electronic devices.
Network TAPs - Test Access Points
A network TAP is a purpose-built hardware device that sits in a network segment, between two appliances (router, switch or firewall), and allows you to access and monitor the network traffic. TAPs transmit both the send and receive data streams simultaneously on separate dedicated channels, ensuring all data arrives at the monitoring or security device in real time.
SPAN - Switch Port Analyzer
SPAN (Switched Port Analyzer) is a dedicated port on a switch that takes a mirrored copy of network traffic from within the switch and sends it to a destination. The destination is typically a monitoring device, or other tools used for troubleshooting or traffic analysis.
Network Switch
A network switch is networking hardware that connects devices on a computer network by using packet switching to receive and forward data to the destination device. A network switch is a multiport network bridge that uses MAC addresses to forward data.
Defence In Depth
A defense-in-depth strategy refers to a cybersecurity approach that uses multiple layers of security for holistic protection. A layered defense helps security organizations reduce vulnerabilities, contain threats, and mitigate risk. In simple terms, with a defense-in-depth approach, if a bad actor breaches one layer of defense, they might be contained by the next layer of defense.