IT / OT Segmentation
Client Profile
Client Type - Mid-market
Region - AMER
Industry - Retail
Number of employees - 1200
Business Challenge
- Lack of security tools to secure business-critical services and access to sensitive data.
- Lack of collaboration between IT and OT leaders to define security policy.
- Risk of exposure to security threats.
Solution Outcome
- Highly secure OT network architecture powered by Palo Alto 3000 and 400 next-generation firewalls.
- Improved security posture and in-depth visibility.
- Security policy to support a dynamic and ever-changing OT environment.
Overview
TDI Vertical was engaged to design and implement segmentation of network services between the IT and OT environments.
The goal of segmentation was to provide the Client with a highly secure OT network architecture in which business-critical services and sensitive data are segmented, secured, and not directly exposed to enterprise IT.
Network segmentation between the IT and OT environments was implemented using a multi-phase strategy, which allowed TDI Vertical and the Client to understand critical traffic flows, OT network devices, and required network access, and to align the security policy essential to support segmentation of services.
Discover / Envision
TDI Vertical performed a network study and a holistic evaluation of critical traffic flows between and within the IT and OT environments.
The collected information gave TDI Vertical and the Client a complete understanding of all OT devices, network services, and their impact on the business.
Additionally, collaborative design workshops were held with IT and OT leaders to discuss the current state of IT and OT network environments and to align security policy and security controls to support segmentation.
Solution Design
TDI Vertical developed a network security design to support segmentation and enable secure access to business-critical services and sensitive data.
- Per-site hardware design (bill of materials, “BoM”).
- High-level enterprise-wide network architectural design.
- Low-level enterprise-wide network architectural design.
- Implementation framework starting with critical production sites.
- Post-implementation validation and support framework.
Deliver / Deploy
Implementation of segmentation was based on a network security design developed as part of the solution and an existing converged network and security architecture.
Segmentation of services between the IT and OT environments enabled the Client to achieve a highly secure OT network architecture with in-depth visibility and granular control of access.
Using the existing converged network and security architecture allowed the Client to maximize the return on its recent investment in network and security hardware.
Why Choose TDI Vertical?
Security Focused
At TDI Vertical, we understand the importance of cyber security. Our security-first approach is critical to the success of our customers and the longevity of their business. By prioritizing security, we minimize the risk of exposure and protect our customers against modern-day cyber security threats, including data breaches, malware attacks, phishing scams, and ransomware attacks.
Proven Experience
With extensive experience in information technology, TDI Vertical understands business challenges with technology, the latest trends, tools, and solutions. As a trusted advisor, our team provides our customers with valuable insights and recommendations based on our knowledge and industry experience, focusing on business needs, strategy, and growth.
Innovation Driven
As an innovation-driven solution provider, TDI Vertical follows a strategic approach to technology selection that involves identifying and evaluating emerging technologies that can provide unique solutions to business challenges. This approach goes beyond traditional technology evaluation methods and identifies innovative technologies to drive business growth and transformation.