easy-accordion-free domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php on line 6114zoho-flow domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php on line 6114wordpress-seo domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php on line 6114Zero Trust Network Access (ZTNA) is a secure remote access service. It verifies remote users and grants them access to the right resources at the right times based on identity and context policies.\u2026 Read more on Cisco Blogs<\/a><\/em><\/p>\n \u200b<\/p>\n Zero Trust Network Access (ZTNA) is a secure remote access service. It verifies remote users and grants them access to the right resources at the right times based on identity and context policies. <\/em>This is part 3 in our blog series about ZTNA for operational technology (OT). Check out <\/em>Part 1<\/em><\/a> for why ZTNA beats out always-on VPNs for OT remote access and <\/em>Part 2<\/em><\/a> for how ZTNA reduces the attack surface by restricting access methods and verifying remote users\u2019 security posture.<\/em><\/p>\n Video cameras are everywhere, including in facilities with the strictest physical access controls. Even if you trust an individual to enter a sensitive area, you still need to monitor their activities once they\u2019re in the door. Seeing a suspicious activity, you can step in to stop it. And if problems crop up after the visit, reviewing a recording can help pinpoint what went wrong.<\/p>\n Monitoring and recording activities are equally critical when it comes to remote users accessing your OT networks. It\u2019s not enough to verify the identity of remote employees, vendors, and contractors. Neither is it enough to know who is connected to what OT\/ICS assets. You also need to know what users are doing during remote access sessions. Most organizations lack that visibility today, a shortcoming for cybersecurity compliance, governance, the ability to stop and recover from breaches, and incident investigation.<\/p>\n Conveniently, Cisco Secure Equipment Access (SEA)<\/a> gives you an all-in-one solution to grant remote access, enforce access controls, and monitor and record remote session activity. Here are three ways you can take advantage of Cisco SEA to actively control OT remote access.<\/p>\n See a list of all active sessions on the Cisco SEA console. By clicking on the session between \u2018User A\u2019 and \u2018Asset B\u2019 you can watch session activities as they happen, including commands sent to the asset. Watching a vendor configure an OT\/ICS asset can be helpful for training, for example. And if you see something suspicious, like an attempt to change the code or a variable in a programmable logic controller (PLC), you can terminate the session with a click and disconnect the remote user. Remote session termination is required by ISA\/IEC62443-3-3 FR2<\/a>.<\/p>\n Cybersecurity best practices require maintaining a detailed history of all past sessions, useful for security audits, forensic investigations, and regulatory compliance. The EU\u2019s NIS2 Directive<\/a>, for example, requires a full audit trail for every event that affects critical infrastructure and OT security standards such as ISA\/IEC62443-3-3<\/a> require records of all login attempts. Cisco SEA logs both system-generated and user-generated events. For example, review how remote users authenticate, including usernames, time, device posture, and session activities. Or see who added new users or new assets to the system.<\/p>\n Optionally record sessions for selected assets, simply by selecting the asset on the console and checking a box. Recordings enrich your audit trail and can be particularly helpful for troubleshooting. If an asset like a robot arm, wind turbine, or highway sign stops working, for example, you might discover that a vendor recently upgraded the software or made a typo in a new configuration. Faster troubleshooting helps you put the asset back into production sooner.<\/p>\n Summing up, Cisco SEA gives you a single interface to protect your ICS and OT assets with ZTNA. Require all remote users to authenticate through a single point. Control which assets they can access and at what times. And do what a video camera does by monitoring all remote session activities and recording data for security audits.<\/p>\n Learn more about Cisco Secure Equipment Access here<\/a>.<\/strong><\/p>\n \u00a0\u00a0Learn how Cisco Secure Equipment Access gives you visibility into active and past remote access sessions, lets you terminate an active session if something doesn\u2019t look right, and record sessions for training or forensics.\u00a0\u00a0Read More<\/a>\u00a0Cisco Blogs\u00a0<\/p>","protected":false},"excerpt":{"rendered":" <\/p>\n Zero Trust Network Access (ZTNA) is a secure remote access service. It verifies remote users and grants them access to the right resources at the right times based on identity and context policies.\u2026 Read more on Cisco Blogs<\/a><\/em><\/p>\n \u200b<\/p>\n Zero Trust Network Access (ZTNA) is a secure remote access service. It verifies remote users and grants them access to the right resources at the right times based on identity and context policies. <\/em>This is part 3 in our blog series about ZTNA for operational technology (OT). Check out <\/em>Part 1<\/em><\/a> for why ZTNA beats out always-on VPNs for OT remote access and <\/em>Part 2<\/em><\/a> for how ZTNA reduces the attack surface by restricting access methods and verifying remote users\u2019 security posture.<\/em><\/p>\n Video cameras are everywhere, including in facilities with the strictest physical access controls. Even if you trust an individual to enter a sensitive area, you still need to monitor their activities once they\u2019re in the door. Seeing a suspicious activity, you can step in to stop it. And if problems crop up after the visit, reviewing a recording can help pinpoint what went wrong.<\/p>\n Monitoring and recording activities are equally critical when it comes to remote users accessing your OT networks. It\u2019s not enough to verify the identity of remote employees, vendors, and contractors. Neither is it enough to know who is connected to what OT\/ICS assets. You also need to know what users are doing during remote access sessions. Most organizations lack that visibility today, a shortcoming for cybersecurity compliance, governance, the ability to stop and recover from breaches, and incident investigation.<\/p>\n Conveniently, Cisco Secure Equipment Access (SEA)<\/a> gives you an all-in-one solution to grant remote access, enforce access controls, and monitor and record remote session activity. Here are three ways you can take advantage of Cisco SEA to actively control OT remote access.<\/p>\n See a list of all active sessions on the Cisco SEA console. By clicking on the session between \u2018User A\u2019 and \u2018Asset B\u2019 you can watch session activities as they happen, including commands sent to the asset. Watching a vendor configure an OT\/ICS asset can be helpful for training, for example. And if you see something suspicious, like an attempt to change the code or a variable in a programmable logic controller (PLC), you can terminate the session with a click and disconnect the remote user. Remote session termination is required by ISA\/IEC62443-3-3 FR2<\/a>.<\/p>\n Cybersecurity best practices require maintaining a detailed history of all past sessions, useful for security audits, forensic investigations, and regulatory compliance. The EU\u2019s NIS2 Directive<\/a>, for example, requires a full audit trail for every event that affects critical infrastructure and OT security standards such as ISA\/IEC62443-3-3<\/a> require records of all login attempts. Cisco SEA logs both system-generated and user-generated events. For example, review how remote users authenticate, including usernames, time, device posture, and session activities. Or see who added new users or new assets to the system.<\/p>\n Optionally record sessions for selected assets, simply by selecting the asset on the console and checking a box. Recordings enrich your audit trail and can be particularly helpful for troubleshooting. If an asset like a robot arm, wind turbine, or highway sign stops working, for example, you might discover that a vendor recently upgraded the software or made a typo in a new configuration. Faster troubleshooting helps you put the asset back into production sooner.<\/p>\n Summing up, Cisco SEA gives you a single interface to protect your ICS and OT assets with ZTNA. Require all remote users to authenticate through a single point. Control which assets they can access and at what times. And do what a video camera does by monitoring all remote session activities and recording data for security audits.<\/p>\n Learn more about Cisco Secure Equipment Access here<\/a>.<\/strong><\/p>\n1 \u2013 Monitor, join, and terminate active sessions<\/h2>\n
2 \u2013 Maintain a complete log of past sessions<\/h2>\n
3 \u2013 Record sessions to see what happened<\/h2>\n
Keep it simple, with an all-in-one solution for secure equipment access<\/h2>\n
1 \u2013 Monitor, join, and terminate active sessions<\/h2>\n
2 \u2013 Maintain a complete log of past sessions<\/h2>\n
3 \u2013 Record sessions to see what happened<\/h2>\n
Keep it simple, with an all-in-one solution for secure equipment access<\/h2>\n