Sensor placement considerations
Once you understand the target OT network architecture and how the Purdue model applies to it, you may start planning sensor connections in an MDIoT deployment.
Generally, MDIoT is used to monitor traffic from Purdue layers 1 and 2. However, in most modern organizations, OT traffic exists on layer 3 as well; therefore, you can use MDIoT to monitor layer 3 traffic.
Review your OT and ICS network diagram with site engineers to determine the best place to connect to MDIoT to get the most relevant traffic for monitoring. We encourage you to meet with local network and operational teams to clarify your and their expectations. It is a promising idea to create a list of the following information for the target network:
- A list of devices.
- The number of OT networks in the target site.
- The number of devices in the OT network.
- The vendors and industrial protocols in the OT segment.
- Network engineering managers and supporting external...
