Firewall

A gateway that limits access between networks in accordance with local security policy.

In ICS networks, firewalls can exist in multiple locations in the network architecture and serve a variety of purposes. The first, and often the most important, is the firewall segmenting the ICS network from the business network. This firewall acts as the primary network boundary point that controls the ingress/egress of network traffic between the ICS and business networks. This firewall may also be a single device connected to multiple network segments, where the firewall defines individual zones for the different network segments and can control access to the zones and between the zones. This can limit the ability of an adversary to traverse a network.

ID: A0016
Platforms: Embedded, Linux, Network, Windows
Sectors: General
Version: 1.0
Created: 24 September 2025
Last Modified: 21 October 2025

Related Assets

Name: Boundary Firewall
Sectors: General
Description: A boundary firewall is used to control the flow of traffic between two different networks. It is typically used to delineate the different levels of the Purdue Model.

Name: Device Firewall
Description: A device firewall is used to control the flow of traffic between a network and an individual device. It is used when additional protections are required beyond that of a boundary firewall. For example, a boundary firewall may limit traffic on the network to two protocols, but a device firewall may further limit traffic to a particular device on that network to a single protocol.
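The layering described above, as an added example that is not part of this asset entry: an nftables ruleset for a Linux-based boundary firewall that defines two zones by interface and forwards only two protocols into the ICS segment, followed by a host-based ruleset on one device in that segment that narrows access to a single protocol. Interface names, subnets, addresses and the choice of Modbus/TCP (502) and OPC UA (4840) are constructed for illustration.

```nftables
# --- Boundary firewall (assumed: Linux gateway, one interface per zone) ---
define BUSINESS_IF = "eth0"          # business zone (constructed)
define ICS_IF      = "eth1"          # ICS zone (constructed)
define ICS_NET     = 10.10.0.0/24    # ICS segment (constructed)
define ENG_WS      = 192.168.5.10    # engineering workstation (constructed)

table inet boundary {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # Replies for connections already permitted below
        ct state established,related accept

        # Business zone -> ICS zone: only the two protocols the policy allows,
        # and only from the engineering workstation, not the whole business LAN
        iifname $BUSINESS_IF oifname $ICS_IF \
            ip saddr $ENG_WS ip daddr $ICS_NET \
            tcp dport { 502, 4840 } ct state new accept

        # ICS zone never initiates connections toward the business zone;
        # everything not matched above is logged, then dropped by policy
        log prefix "boundary-drop: " drop
    }
}

# --- Device firewall (assumed: Linux-based device at 10.10.0.20 in ICS_NET) ---
table inet device {
    chain input {
        type filter hook input priority 0; policy drop;

        ct state established,related accept
        iif lo accept

        # The boundary already limits the segment to two protocols; this host
        # accepts only Modbus/TCP, and only from the engineering workstation
        ip saddr $ENG_WS tcp dport 502 ct state new accept

        # OPC UA and anything else reaching this host is logged and dropped
        log prefix "device-drop: " drop
    }
}
```

Each ruleset is loaded separately on its own host (for example with `nft -f`); the device rules are meaningful only if the device itself runs a host firewall, which is why the asset entry lists them as distinct protections.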

Techniques