Automotive seat system supplier nationwide factory OT

Security Project

Customer Requirement
  • Industrial-grade firewalls are deployed at the boundaries of each factory's production network and office network, using whitelist strategies to strictly restrict unauthorized access and supporting in-depth analysis of industrial protocols (such as Modbus, OPC, etc.) to ensure that production data flows only within the authorized scope.
  • Through hardware-level isolation and traffic encryption technology, viruses, ransomware and other threats are blocked from infiltrating production systems.
  • Deploy a unified security management platform to achieve centralized management of firewall devices nationwide, support one-click distribution of policy templates, unified log collection and analysis, and real-time push of alarms (such as abnormal traffic and configuration changes).
  • Provides a visual large-screen display of network risk status, supports automated vulnerability scanning and compliance checks, and meets multi-level regulatory requirements.
  • Deploy the firewalls and implement network isolation in batches by region. Simultaneously, conduct employee security training and emergency drills to ensure that there is no production interruption during the renovation process.
Solution
  • Key network exits, core switch, and wireless controller nodes all use HA design
  • The production area and office area are isolated through firewalls, and detailed strategies are implemented to ensure security within the production line.
  • The production firewall device serves as the gateway device for the entire production environment, and traffic is controlled by the firewall in different areas.
  • The entire production line achieves full network coverage. The distribution of access points (APs) is planned based on the actual environment of each factory workshop and the key coverage areas, ensuring the stability of the network for endpoint devices in the workshop and guaranteeing the operation of AGVs.
Customer Benefits

The production and office networks are completely isolated, blocking over 90% of cross-network attack risks and reducing the probability of critical equipment and data being threatened by ransomware or human error by 80%;

Through the management platform, unified policy management is achieved, reducing operation and maintenance response time by 70%, while meeting data security and information security compliance requirements of the domestic and international automotive industries.

Centralized control reduces manual inspection costs, supports rapid access to new factory firewalls in the future, and reserves secure interfaces for industrial Internet and intelligent upgrades.