ZEISS enhances production floor security with Cisco Cyber Vision and the expert services of Orange Business

ZEISS, headquartered in Oberkochen, Germany, is a global technology company focused on the optics, precision mechanics, and optoelectronics industries.

With over 12,500 patents worldwide and 7,500 employees in research and development, innovation and constant transformation are crucial to remain competitive in the long term. For a market leader, securing intellectual property is key.

The manufacturing sector is undergoing a significant transformation, driven by the need for increased security alongside technological integration to streamline operations and create greater Operational Equipment Efficiency. ZEISS is no exception.

It has multiple sites and a complex secure environment with thousands of devices and many different connections. This is a considerable challenge when it comes to understanding traffic patterns and tracking the behaviors of each device, as well as support, maintenance and asset management.

To enhance visibility and strengthen the enterprise’s security posture, a comprehensive and clear map of network communications was required, whether initiated internally or by a third party. This enables security teams to analyze traffic patterns across distributed architectures, ensuring governance and compliance with evolving industry regulations. Additionally, systematically collecting data on OT technology assets forms the foundation for a robust data-driven security program tailored to the needs of the multinational.  

ZEISS and Orange selected the Cisco Cyber Vision platform to addres the increasing threat landscape for the business. It has been specifically designed by OT people for industrial organizations to gain full visibility into their industrial networks while operating at the network edge to reduce latency and provide real-time analysis.

With a partnership spanning over 25 years, Orange and Cisco have enormous synergy and experience managing complex office and industrial networks worldwide, which works perfectly in this scenario.

The Orange Business designed solution leverages the unique edge-compute capabilities of the Cisco network devices in the existing managed OT and IT LAN area in a smart manner. It is a great advantage that the SW is seamlessly located very close to the various endpoints and machines for production, facility, and enterprise management. This ensures less additional complexity in providing 24/7 maintenance and clear responsibilities and reduces the number of potential loopholes. Only a very low overhead of meta-data is computed on the switch, causing no additional burden – and therefore potentially high costs – for the existing LAN.

The Cyber Vision platform discovers and identifies OT assets, including devices, protocols, and communications patterns, providing an overarching view of the industrial network. It passively monitors and analyzes network traffic to identify and understand OT protocols, drawing up a picture of how devices communicate and exchange data.

In addition, the platform provides operational insights for OT and security posture for IT. This insight enables ZEISS to build secure infrastructures, drive regulatory compliance, and enforce security policies to control risks. This ensures continuity, business resilience, and safety.

In combination with Cisco’s Identity Services Engine (ISE), a next-generation identity and access control policy platform, ZEISS is enabled to enforce compliance and provide secure network access to end users and devices.

Cyber Vision, alongside a Cisco Secure Firewall and a Firewall Management Center, allows for segmentation, reducing manual workloads. It also allows for IT/OT collaboration and enables firewall policies in line with industrial OT processes.

Securing the industrial network

The increased integration of IT, cloud, and industrial networks is exposing industrial control systems to even greater threats. ZEISS chose Orange because of their expertise and intense understanding of OT needs and the daily applied security expertise, helping ZEISS to detect the relevant events, providing recommendations and immediate defend if required.

Also, full visibility into its industrial networks and OT security posture allows for segmenting the industrial network where necessary and reinforce cybersecurity policies to reduce the attack surface.

This global presence of Orange ensures consistent support and service delivery across all your operational sites. Orange Business is fully accountable for the solution and fully tests all software updates before deployment, initiating corrections where necessary.