The dynamic management of traffic within an operational technology (OT) network raises a number of challenges. To address those types of challenges, techniques are presented herein that enable end-to-end intent-based networking to control access between the OT domain and on-premise or cloud-based data center (DC) domains. Aspects of the presented techniques employ deep packet inspection (DPI) of industrial protocols within the OT domain (e.g. by sensors) and map Internet of Things (IoT) devices and traffic flows to abstract tags (through, e.g. a robust security facility), export such tags to a common policy server that bridges both domains, assign the IoT devices to corresponding security profiles (e.g., based on their device characteristics as expressed by tag metadata), and map the security profiles to specific fabric overlay microsegments (e.g., endpoint groups (EPGs)) within a DC or cloud domain.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Szigeti, Tim; Barton, Robert; Henry, Jerome; and Zacks, Dave, "INTENT-BASED NETWORKING FROM THE IOT EDGE TO THE APPLICATION SERVER", Technical Disclosure Commons, (March 18, 2021)