implementing-network-segmentation-for-ot
Installation
SKILL.md
Implementing Network Segmentation for OT
When to Use
- When an OT security assessment reveals a flat network with no segmentation between Purdue levels
- When implementing IEC 62443 zone/conduit architecture after completing risk assessment (IEC 62443-3-2)
- When separating IT and OT networks as part of an IT/OT convergence security initiative
- When deploying a DMZ between corporate IT and OT to protect industrial systems from IT-originating threats
- When segmenting safety instrumented systems (SIS) from basic process control systems (BPCS)
Do not use for IT-only microsegmentation without OT components (see implementing-zero-trust-in-cloud), or for initial zone design without prior traffic analysis (see performing-ot-network-security-assessment first).