7.2.0

Overview

FortiNAC integrates with Rugged FortiGates/FortiSwitch to classify OT Devices

Suppose you have an environment where Rugged FortiGates are managing and securing PLCs (Programmable Logic Controllers) that are connected to physical devices, such as wind turbines, manufacturing tools, robots, oil rigs, etc.

The Rugged FortiGate provides security against cyber-attacks, which is especially important because these physical devices can be part of crucial infrastructure.

However, someone might move the PLC (which controls the physical device) to another device. In general, you would not want to move the PLC. But, suppose:

  • A contractor might have pulled a cable accidentally.

  • A malicious person might have moved the PLC.

  • Or… the PLC failed, and a new one needs to be installed.

This is where FortiNAC comes in. Following this use case, you can set up your FortiNAC to automatically classify the PLC that was moved.

With FortiNAC working in tandem with FortiGate, the Fortinet Security Fabric will immediately recognize that the PLC has been moved on the network, and automatically provision the network appropriately.

How it works

Using the traffic that traverses the FortiGate, FortiNAC will automatically classify the device and put the new port in the VLAN that the PLC belongs in.

FortiNAC will use FortiGate session data to (1) classify the PLC, (2) identify it, and (3) manage the PLC if it moves around the network.

This guide provides an example that will illustrate how OT device classification can be set up. Its steps are not meant to be followed exactly; it is an example of what can be done. The user should modify the use case to their own needs.

White paper

See the FortiNAC OT white paper.
