Industrial Internet Security Framework v 1.0 | Page 5

Security Framework Contents

9.2.2 Network Data Isolation ... 86
9.2.3 Network Segmentation ... 87
9.2.4 Gateways and Filtering ... 88
9.2.5 Network Firewalls ... 90
9.2.6 Unidirectional Gateways ... 91
9.2.7 Network Access Control ... 93
9.2.8 Using Security Gateways To Protect Legacy Endpoints, Communication and Connectivity ... 94
9.3 Security Model and Policies for Protecting Communication ... 95
10 Security Monitoring and Analysis ... 96
10.1 Incident Prevention, Detection, Analysis and Response ... 97
10.1.1 Prior To An Incident ... 97
10.1.2 During An Incident ... 97
10.1.3 After An Incident ... 98
10.2 Security Monitoring and Analytics ... 98
10.2.1 Purposes and Kinds of Security Monitoring ... 98
10.2.2 Types of Security Analytics Systems ... 99
10.3 Capturing and Storing Data for Analysis ... 100
10.3.1 Logging And Event Monitoring ... 100
10.3.2 Capturing and Monitoring Security Data ... 100
10.4 Security Data Protection ... 101
10.5 Special Considerations for Monitoring ... 102
10.5.1 Security Model and Policy ... 102
10.5.2 Greenfield versus Brownfield Considerations ... 102
10.5.3 Supply Chain Integrity Monitoring ... 103
11 Security Configuration and Management ... 105
11.1 Secure Operational Management vs. Security Management ... 105
11.2 Security Communications Channels ... 107
11.3 Secure Operational Management ... 108
11.4 Security Management ... 108
11.4.1 Security Policy Management ... 109
11.4.2 Policy Authoring and Definition ... 110
11.4.3 Policy Assignment and Delivery ... 111
11.5 Endpoint Configuration and Management ... 111
11.5.1 Secure Software Patching and Firmware Update ... 112
11.6 Communications Configuration and Management ... 113
11.7 Identity Management ... 113
11.7.1 Enrollment Phase ... 115
11.7.2 Credential Management Phase ... 116
11.7.3 Entity Authentication Phase ... 117
11.8 Security Model Change Control ... 118
11.9 Configuration and Management Data Protection ... 119
11.10 Security Model & Policy for Change Management ... 120
12 Looking Ahead—The Future of the IIoT ... 121

IIC:PUB:G4:V1.0:PB:20160926 -v-