Radiflow > Case Studies > Securing a Large Data Center in the EMEA Region

Securing a Large Data Center in the EMEA Region

Radiflow Logo
 Securing a Large Data Center in the EMEA Region - IoT ONE Case Study
Technology Category
  • Application Infrastructure & Middleware - Database Management & Storage
Applicable Functions
  • Facility Management
Services
  • Software Design & Engineering Services
The Challenge

The main objective stated by the customer was hardening the security of the server systems, and creating a framework for in-house operators to monitor the network and receive alerts upon network traffic exceptions:

  1. Securing the facility’s power supply (IEC61850)
  2. Securing the server cooling system
  3. Strengthening the segmentation between building and operational systems.
  4. Creating a visual OT network map
  5. Setting up a system for presenting supply-chain attacks that may threaten the data center through equipment vendors’ maintenance activities
The Customer

Data Centers in EMEA Region

About The Customer

Data centers are among the most complex and difficult facilities to secure, and a prized target for hackers attempting to disrupt a myriad of commercial, industrial and other online activities. Like any other facility security project, data center security combines physical and software security, that applies to both server operation and supporting systems – cooling, power supply, etc.

The Solution

The first step in the project was meeting with the customer to determine their objectives and learning about the nature and the specifics of the IT-OT network at the data center.

Next, a network model (digital image) of the OT network was created. This was done using the iSID threat detection & monitoring platform, by analyzing a representative amount of data traffic, recorded using a parallel data stream (as to not disrupt operations) from the facility's main data switch.

Once completed, iSID was able to provide a detailed network model, including all assets, firmware, ports, open connections and protocols, and vulnerabilities/risks associated with different assets.

Once complete, the iSID-generated digital image was reviewed by Radiflow’s cyber experts, in tandem with the customer, and modified to reflect network attributes that couldn’t be detected programmatically.

Once all unnecessary open ports and unnecessary protocols were handled, the model was deemed complete and suitable for reflecting the network’s baseline activity, as well as for use as a visual network map, down-drillable to each and every device’s full properties, links, and vulnerabilities.

At the same time, iSID automatically created a logical business unit model, each with different security needs. These business processes, also reflected in the network map, allow applying different communication, asset, and protocol rules in iSID, depending on criticality.

Using rule-based alerts for specific devices, iSID created a central monitoring point for critical systems, with alerts for exceeding different sensor or controller values, as well as changes to controller logic or adding devices to the network.

Operational Impact
  • [Cost Reduction - Overall]
    • Securing the facility’s power supply
    • Securing the server cooling system
  • [Efficiency Improvement - Inventory Management]

    Setting up a system for presenting supply-chain attacks that may threaten the data center through equipment vendors’ maintenance activities

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.