[SCADASEC] IBM is offering 'SCADA security best practices'...
Matthew Franz
mdfranz at gmail.com
Thu Feb 7 19:50:00 CST 2008
> I think asking which IT vendors are cross-over vendors is a reasonable
> question, but not the right question. To me the right question is which
> cross-over vendors have the domain expertise to offer products that work
> in a control system environment. Without teaming with control system
> domain experts, the list shrinks real fast. Many of the best practices,
> intrusion detection/prevention systems, etc are for DCS/SCADA HMI
Joe,
If you spin up your broken record I'll play mine (as scratched and
warped as it is)
I agree about the need for teaming, and it cuts both ways because if
your SCADA vendor is still stuck back in 1998 and talking about
"managed switches" and has little understanding of all the devices and
protocols that live on complex 21st century networks: packet
shapers/QoS knobs, voip, storage networks, wan optimization/content
distribution/caching, Of course that some of the vendors on your short
list are probably using much of the same kit (and least in software)
that the "IT Security" vendors are using...
So what would your top 3 list of "IT" IDS best practices that would
not work for SCADA/DCS/HMI?
Always curious,
- mdf
More information about the scadasec
mailing list