You're reading from IoT and OT Security Handbook Assess risks, manage vulnerabilities, and monitor threats with Microsoft Defender for IoT

Product type Paperback

Published in Mar 2023

Publisher Packt

ISBN-13 9781804619803

Length 172 pages

Edition 1st Edition

Concepts

Cybersecurity

Authors (2):

Smita Jain

Vasantha Lakshmi

View More author details

Table of Contents (16) Chapters

Preface

1. Part 1: Understand the Challenges in IoT/OT Security and Common Attacks

2. Chapter 1: Addressing Cybersecurity in the Age of Industry 4.0 FREE CHAPTER

3. Chapter 2: Delving into Network Segmentation-Based Reference Architecture – the Purdue Model

4. Chapter 3: Common Attacks on IoT/OT Environments

5. Part 2: How Microsoft Defender for IoT Can Address the Open Challenges in the Connected World We Live in Today

6. Chapter 4: What Is Microsoft Defender for IoT?

7. Chapter 5: How Does Microsoft Defender for IoT Fit into Your OT/IoT Environment/Architecture?

8. Chapter 6: How Do the Microsoft Defender for IoT Features Help in Addressing Open Challenges?

9. Part 3: Best Practices to Achieve Continuous Monitoring, Vulnerability Management, Threat Monitoring and Hunting, and to Align the Business Model Toward Zero Trust

10. Chapter 7: Asset Inventory

11. Chapter 8: Continuous Monitoring

12. Chapter 9: Vulnerability Management and Threat Monitoring

13. Chapter 10: Zero Trust Architecture and the NIST Cybersecurity Framework

14. Index

Why subscribe?

15. Other Books You May Enjoy

Diverse ways of traffic mirroring for OT monitoring

Network sensors, which are a significant part of the MDIoT architecture, receive data or traffic from the following:

SPAN ports
The network terminal access point (TAP)

In Figure 5.4, we can see that the OT devices send traffic for analysis through the managed switch with port mirroring:

Figure 5.4 – Example of the network used in an OT environment

We will now learn about different methods used for traffic mirroring in an OT environment to enable monitoring with MDIoT.

To focus on specific and relevant network traffic for traffic analysis, you need to connect MDIoT to a network mirroring port on a switch or a TAP that only covers industrial ICS and SCADA traffic.

SPAN

Port mirroring, commonly known as Switched Port Analyzer (SPAN), is a method of monitoring network traffic. When port mirroring is enabled, the switch sends a copy of all the network packets visible on a single...

The rest of the chapter is locked

You're reading from IoT and OT Security Handbook Assess risks, manage vulnerabilities, and monitor threats with Microsoft Defender for IoT

Table of Contents (16) Chapters

Diverse ways of traffic mirroring for OT monitoring

SPAN

Unlock this book and the full library FREE for 7 days

Authors (2)

Personalised recommendations for you