What is a Bastion Host?
A bastion host is a specially hardened server that serves as the single entry point to an internal network. It acts as a controlled gateway between an untrusted network (for example the internet or the corporate IT network) and a secured OT network, and is most often used for remote management and maintenance.
In OT environments, a bastion host prevents direct access to PLCs, SCADA systems or engineering stations from untrusted zones: every remote session must first pass through, and be authenticated by, the bastion.
How does a bastion host work?
- The external user signs in to the bastion host
- The bastion authenticates and verifies the user
  - Typically with MFA, access control (which user may reach which system) and audit logging
- The user is granted access to the permitted internal systems only
  - The bastion opens the onward connection to the OT resource on the user's behalf; the user's workstation never has a direct route to it
Key characteristics:
- A single entry point for management traffic
- Isolated from other systems, so a compromise elsewhere does not automatically reach it
- All sessions can be monitored and logged in one place
- Typically a hardened OS with no unnecessary services, accounts or packages
Think of a bastion host as a digital security airlock between IT and OT.
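The flow above, as an added example that is not part of the original page: an SSH-based bastion. The client's `~/.ssh/config` uses `ProxyJump` so the engineer authenticates to the bastion first and the bastion opens the onward connection; the bastion's `sshd_config` requires a key plus a second factor, admits only named users from the IT management subnet, and limits onward forwarding to the OT hosts it brokers. A small audit function checks that the required directives are present. All hostnames, IP addresses, user names and the `~/.ssh/id_ed25519_ot` key path are assumed values chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): SSH bastion between IT and OT.
# Every IP address, hostname, user name and path here is an assumed value.
set -eu

# Client-side ~/.ssh/config. The user never connects to the OT host directly:
# ProxyJump authenticates to the bastion, which then opens the onward TCP
# connection to the engineering station on the user's behalf.
write_client_config() {
  cat > "$1" <<'EOF'
Host ot-bastion
    HostName 203.0.113.10
    User alice
    IdentityFile ~/.ssh/id_ed25519_ot

Host eng-station
    HostName 10.20.0.15
    User maint
    ProxyJump ot-bastion
EOF
}

# Bastion-side /etc/ssh/sshd_config: MFA, named users from one subnet,
# and no way to use the bastion as a general pivot.
write_bastion_sshd_config() {
  cat > "$1" <<'EOF'
PermitRootLogin no
PasswordAuthentication no
# Both a public key and an interactive second factor (through PAM, e.g. a
# TOTP module) must succeed; a stolen key alone is not enough.
AuthenticationMethods publickey,keyboard-interactive
KbdInteractiveAuthentication yes
UsePAM yes
# Only named accounts, and only from the IT management subnet.
AllowUsers alice@198.51.100.0/24 bob@198.51.100.0/24
# No tunnels, agent forwarding or X11 through the bastion.
PermitTunnel no
AllowAgentForwarding no
X11Forwarding no
# Forwarding is allowed only to the OT systems the bastion brokers.
AllowTcpForwarding yes
PermitOpen 10.20.0.15:22 10.20.0.20:3389
# Verbose authentication logging (key fingerprints) for the SIEM,
# and idle sessions are dropped.
LogLevel VERBOSE
ClientAliveInterval 300
ClientAliveCountMax 2
EOF
}

# sshd uses the first occurrence of a directive, so read the first match.
sshd_value() {
  awk -v key="$2" 'tolower($1)==tolower(key){print $2; exit}' "$1"
}

# Audit: print one FAIL line per directive that is missing or wrong and
# return 1; return 0 when the file passes all checks.
check_bastion_sshd() {
  cfg=$1
  rc=0
  for pair in \
    PermitRootLogin=no PasswordAuthentication=no \
    AuthenticationMethods=publickey,keyboard-interactive \
    UsePAM=yes PermitTunnel=no AllowAgentForwarding=no \
    X11Forwarding=no LogLevel=VERBOSE; do
    key=${pair%%=*}
    want=${pair#*=}
    got=$(sshd_value "$cfg" "$key")
    if [ "$got" != "$want" ]; then
      echo "FAIL $key: want '$want', got '${got:-<unset>}'"
      rc=1
    fi
  done
  # PermitOpen must exist and must not be the 'any' wildcard.
  po=$(sshd_value "$cfg" PermitOpen)
  case "$po" in
    ""|any) echo "FAIL PermitOpen: onward forwarding is not restricted"; rc=1 ;;
  esac
  if [ "$rc" -eq 0 ]; then echo "OK $cfg passes the bastion hardening checks"; fi
  return $rc
}

# Stand-alone run: write both files to a temp dir and audit the bastion one.
demo() {
  d=$(mktemp -d)
  write_client_config "$d/ssh_config"
  write_bastion_sshd_config "$d/sshd_config"
  check_bastion_sshd "$d/sshd_config"
}

demo
```

`PermitOpen` is enforced by sshd on the bastion itself. The IDMZ firewall should still restrict the bastion's own outbound traffic to the same OT hosts and ports, so that a compromised bastion cannot reach more than a correctly configured one.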
Use of bastion hosts in OT networks
- Controlled access to jump servers or engineering stations
- External maintenance parties first sign in to the bastion before they can reach anything in OT
- Remote access with full session logging and anomaly detection on the resulting logs
- Shared access with RBAC, so that every session is attributable and auditable
- Placement in the IDMZ between IT and OT (per the Purdue Model)
Bastion hosts are a common building block for enforcing Zero Trust style access in OT environments: every session is authenticated, authorised and logged at one controlled point instead of relying on network location alone.
Bastion host vs. jump server
| Aspect | Bastion host | Jump server |
|---|---|---|
| Purpose | Hardened access gateway at the boundary of a trust zone | Intermediate host used to hop between network segments |
| Security | Heightened: hardened OS, minimal services, small attack surface | Varies with the implementation; often an ordinary server |
| Logging and audit | Built in: authentication and session logging, often session recording | Optional; depends on how it is set up |
| Use in OT | Front-end access point for external and IT-side connections | Internal hop between OT segments or to an engineering station |
In practice the two terms overlap, and a hardened, monitored jump server is effectively a bastion host; the distinction above is about how much hardening, logging and control is guaranteed by design rather than left to the individual installation.
Security considerations
- MFA required to sign in to the bastion host
- SIEM integration for real-time monitoring of logins and sessions
- Access only from allow-listed source IPs and ports
- Regularly updated and patched; the bastion is the most exposed host in the path and must not lag behind
- Firewall rules limit traffic between the bastion and OT to the specific hosts and ports it is meant to broker
- Full session logging and recording for compliance and incident investigation
A bastion host is effective when it is tightly managed, narrowly accessible and well-monitored.
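The monitoring side of the considerations above (SIEM integration, allow-listed source IPs, anomaly detection on remote-access sessions), as an added example that is not part of the original page: a small triage script over the bastion's sshd authentication log, of the kind a SIEM rule or a scheduled job on the bastion would apply. The log lines are constructed to follow OpenSSH's `Accepted|Failed <method> for <user> from <ip> port <port>` format; the allowed subnet `198.51.100.0/24`, the user list and the failure threshold are assumed policy values.

```shell
#!/bin/sh
# Added example (not from the original page): triage of the bastion's sshd
# auth log before it is forwarded to the SIEM. Policy values are assumed.
set -eu

ALLOWED_CIDR=${ALLOWED_CIDR:-198.51.100.0/24}   # IT management subnet
ALLOWED_USERS=${ALLOWED_USERS:-alice,bob}        # accounts permitted on the bastion
FAIL_THRESHOLD=${FAIL_THRESHOLD:-3}              # failed attempts per source IP

# Constructed sample in OpenSSH's log format (not captured from a real host).
SAMPLE_LOG='Jan 10 08:01:12 bastion sshd[2311]: Partial publickey for alice from 198.51.100.7 port 51234 ssh2: ED25519 SHA256:abc
Jan 10 08:01:15 bastion sshd[2311]: Accepted keyboard-interactive/pam for alice from 198.51.100.7 port 51234 ssh2
Jan 10 08:05:40 bastion sshd[2390]: Failed keyboard-interactive/pam for bob from 203.0.113.77 port 40112 ssh2
Jan 10 08:05:44 bastion sshd[2391]: Failed keyboard-interactive/pam for bob from 203.0.113.77 port 40113 ssh2
Jan 10 08:05:49 bastion sshd[2392]: Failed keyboard-interactive/pam for bob from 203.0.113.77 port 40114 ssh2
Jan 10 08:06:02 bastion sshd[2393]: Accepted publickey for bob from 203.0.113.77 port 40115 ssh2: ED25519 SHA256:def
Jan 10 08:09:30 bastion sshd[2410]: Accepted keyboard-interactive/pam for vendor from 198.51.100.9 port 50001 ssh2'

# Reads log lines on stdin, prints one ALERT line per finding and a SUMMARY
# line; exits 1 when there is at least one finding, 0 otherwise.
bastion_alerts() {
  awk -v cidr="$ALLOWED_CIDR" -v users="$ALLOWED_USERS" -v thr="$FAIL_THRESHOLD" '
  function ip2int(ip,  o) { split(ip, o, "."); return ((o[1]*256 + o[2])*256 + o[3])*256 + o[4] }
  # CIDR test without bitwise operators (portable awk): drop the host bits
  # by integer division with 2^(32-prefix) and compare network numbers.
  function in_cidr(ip,  p, shift) {
    split(cidr, p, "/"); shift = 2 ^ (32 - p[2])
    return int(ip2int(ip) / shift) == int(ip2int(p[1]) / shift)
  }
  BEGIN { n = split(users, u, ","); for (i = 1; i <= n; i++) ok[u[i]] = 1; alerts = 0 }
  {
    verb = ""; ip = ""; user = ""
    for (i = 1; i <= NF; i++) {
      if ($i == "Accepted" || $i == "Failed") verb = $i
      if ($i == "from" && i > 1 && i < NF) { user = $(i-1); ip = $(i+1) }
    }
    if (verb == "" || ip == "") next        # Partial, disconnects, etc.
    if (verb == "Failed") {
      fails[ip]++
      if (fails[ip] == thr) { print "ALERT auth_failure_threshold ip=" ip " count=" thr; alerts++ }
      next
    }
    # A successful login: check source subnet, account and preceding failures.
    if (!in_cidr(ip))        { print "ALERT accepted_from_outside_allowlist user=" user " ip=" ip; alerts++ }
    if (!(user in ok))       { print "ALERT accepted_unknown_user user=" user " ip=" ip; alerts++ }
    if (fails[ip] >= thr)    { print "ALERT success_after_failures user=" user " ip=" ip; alerts++ }
  }
  END { print "SUMMARY alerts=" alerts; exit (alerts > 0) }'
}

# Stand-alone run over the constructed sample. Exit status 1 means findings;
# it is ignored here so the script itself still exits cleanly.
printf '%s\n' "$SAMPLE_LOG" | bastion_alerts || :
```

On the sample this reports four findings: the failure burst from 203.0.113.77, the login from that same address being outside the allow-list and following those failures, and the unknown account `vendor`. A login that the sshd `AllowUsers` rule should already have blocked but that still appears as `Accepted` is itself a signal that the bastion's configuration has drifted.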
In summary
A bastion host is a critical component in an OT security architecture, providing controlled, logged and secure access to internal systems. It prevents direct connections and reinforces access management at a central point.
