What is a VPN?
A VPN (Virtual Private Network) is a technology that establishes a secure and encrypted connection over an insecure network, such as the internet. It is used to connect networks or devices remotely while preserving the confidentiality, integrity and authenticity of data.
Why use a VPN?
- Secure remote access to internal systems
- Protection of communication against eavesdropping or tampering
- Connects two networks as if they were locally linked
- Essential for secure access to OT environments from IT or external locations
How does it work?
In a VPN connection, an encrypted "tunnel" is set up between two endpoints:
- Client → VPN server
- Or: OT network → IT network via a site-to-site VPN
Commonly used protocols include:
- IPsec
- OpenVPN
- WireGuard
- SSL/TLS VPN
Applications in industrial environments
| Application | Example |
|---|---|
| Remote access | A technician securely logs in to a PLC or SCADA system |
| Remote monitoring | A cloud platform analyses data from the Historian |
| Remote administration | Managing IT/OT networks from other locations |
| Inter-site connections | Connecting multiple plants via site-to-site VPN |
VPNs often form part of the Defense in Depth principle for network security.
VPN vs. other technologies
| Technology | Characteristic |
|---|---|
| VPN | Connects entire networks or devices |
| Jump server | Restricted access via controlled access points |
| Remote desktop | Access to a specific machine interface |
Watch out
- A VPN secures the connection, not the device itself: a compromised technician laptop brings its malware into the tunnel with it
- Misconfigured VPNs can grant access to unintended networks, for example when the tunnel's routes or the gateway's firewall rules cover an entire OT subnet instead of the single jump host a technician needs
- Combine the VPN with a firewall (to restrict what the tunnel can reach), multi-factor authentication (MFA) on VPN logins, and SIEM logging of VPN sessions
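As an added example that is not part of the original page, the following WireGuard configuration (wg-quick format) implements the technician-to-jump-host remote-access case from the table above: it is the client-to-VPN-server tunnel the "How does it work?" section describes, and it places a weak setting beside the corrected one for the "unintended networks" warning. Every address (the 10.99.0.0/24 tunnel range, the 10.20.0.0/16 OT network, the jump host 10.20.0.10), the hostname vpn.plant.example, the port numbers and the key placeholders are assumptions for illustration; nftables is used for the gateway firewall.

```ini
# ---- File 1: OT-side VPN gateway, /etc/wireguard/wg0.conf (wg-quick) ----
# All addresses, hostnames and ports in this example are assumed.
[Interface]
Address = 10.99.0.1/24                   # gateway's tunnel address
ListenPort = 51820
PrivateKey = <gateway-private-key>       # placeholder; generate with: wg genkey

# Weak variant (left commented out): forward everything that arrives from
# the tunnel. Any authenticated technician could then reach every host in
# the OT network 10.20.0.0/16, and the IT network too if this gateway routes there.
# PostUp = sysctl -w net.ipv4.ip_forward=1
# PostUp = nft add rule inet filter forward iifname %i accept

# Corrected variant: forward traffic from the tunnel only to the jump host,
# and only on the ports the remote-access workflow needs (SSH, RDP).
# %i is replaced by wg-quick with the interface name (wg0).
PostUp = sysctl -w net.ipv4.ip_forward=1
PostUp = nft add table inet vpn
PostUp = nft add chain inet vpn forward '{ type filter hook forward priority 0; policy accept; }'
PostUp = nft add rule inet vpn forward iifname %i ip daddr 10.20.0.10 tcp dport '{ 22, 3389 }' ct state new accept
PostUp = nft add rule inet vpn forward iifname %i ct state established,related accept
PostUp = nft add rule inet vpn forward iifname %i drop
PostDown = nft delete table inet vpn

[Peer]
# The technician's laptop. On the gateway, AllowedIPs is the source address
# accepted from this peer (cryptokey routing); it does NOT limit which
# destinations the peer may reach, which is why the nft rules above exist.
PublicKey = <technician-public-key>      # placeholder
AllowedIPs = 10.99.0.5/32

# ---- File 2: technician laptop, /etc/wireguard/ot-remote.conf ----
[Interface]
Address = 10.99.0.5/32
PrivateKey = <technician-private-key>    # placeholder

[Peer]
PublicKey = <gateway-public-key>         # placeholder
Endpoint = vpn.plant.example:51820       # assumed hostname
PersistentKeepalive = 25

# Weak variant (commented out): route all of 10.0.0.0/8 into the tunnel, so
# the laptop would reach the whole OT range if the gateway let it through.
# AllowedIPs = 10.0.0.0/8

# Corrected variant: split tunnel, only the jump host is routed into the VPN.
AllowedIPs = 10.20.0.10/32
```

Bring the gateway side up with `wg-quick up wg0`; `nft list table inet vpn` shows the resulting forward rules. The point to take away is that the client's AllowedIPs is a routing choice under the technician's control, so the gateway's forward chain is the only real enforcement point; the client-side restriction merely keeps the laptop's other traffic out of the tunnel.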
In summary
A VPN makes secure remote access to internal networks and systems possible. In industrial environments it is a crucial component of secure IT/OT integration and remote management, provided the tunnel is combined with firewall rules, MFA and monitoring rather than treated as a complete solution on its own.
