User Manual
> White Paper | Best Practices in Digital Transformation
enormous amounts of data in real-time, many in the industry
believe that it is not enough, and that human input is needed to
refine the findings.
Threat intelligence seeks to detect anomalies by establishing a
baseline of normal behavior, using user behavior and user analytics,
so that deviations from that baseline can be detected.
Threat intelligence also looks to identify “indicators of compromise”.
These point to the tools, techniques and procedures used by attackers,
and are drawn from the artifacts left behind in an attack. From this
intelligence, countermeasures can be implemented to prevent future attacks.
Techniques here include Network Anomaly Detection, which is the
action of finding behaviors in network traffic which do not conform
to expected patterns, and Root Cause Isolation
(RCI), which is the process of identifying the source of anomalies
(potentially problems) in a system using only data observation.
Root-cause analysis automates the diagnosis process: it investigates
problem KPIs and diagnoses the reasons for failure by creating
models per cell, KPI and area to
identify the component leading to the anomaly.
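
The baseline-and-deviation approach described above, as an added example that is not from the white paper: one model per (cell, KPI) series, scored with a median/MAD robust z-score (a technique chosen here, not one the paper names), then ranked per cell to isolate the likely source. The cell names, KPI names, readings and threshold are constructed for illustration.

```python
from statistics import median

# Constructed sample data (hypothetical cells and KPIs), not from the white paper.
BASELINE = {
    ("cell-A", "drop_rate"): [1.0, 1.2, 0.9, 1.1, 1.0, 1.3, 0.8, 1.1],
    ("cell-A", "throughput"): [50, 52, 49, 51, 50, 48, 53, 50],
    ("cell-B", "drop_rate"): [0.9, 1.0, 1.1, 1.0, 0.8, 1.2, 1.0, 0.9],
    ("cell-B", "throughput"): [47, 50, 49, 52, 51, 50, 48, 50],
    ("cell-C", "drop_rate"): [1.0, 1.1, 0.9, 1.0, 1.2, 1.0, 0.9, 1.1],
}
CURRENT = {
    ("cell-A", "drop_rate"): 1.2, ("cell-A", "throughput"): 49,
    ("cell-B", "drop_rate"): 6.5, ("cell-B", "throughput"): 31,
    ("cell-C", "drop_rate"): 1.8,
}

def fit_model(history):
    """Baseline for one series: median and median absolute deviation (MAD)."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    return med, max(mad, 1e-9)  # guard against a perfectly flat history

def robust_z(value, model):
    """Deviation from baseline in MAD units, scaled to be comparable to a z-score."""
    med, mad = model
    return 0.6745 * (value - med) / mad

def detect(baseline, current, threshold=3.5):
    """Return {(cell, kpi): z} for readings that do not conform to their baseline."""
    models = {key: fit_model(hist) for key, hist in baseline.items()}
    scores = {k: robust_z(v, models[k]) for k, v in current.items() if k in models}
    return {k: z for k, z in scores.items() if abs(z) > threshold}

def isolate(anomalies):
    """Rank cells by summed |z| so the component driving the anomaly comes first."""
    per_cell = {}
    for (cell, _kpi), z in anomalies.items():
        per_cell[cell] = per_cell.get(cell, 0.0) + abs(z)
    return sorted(per_cell, key=per_cell.get, reverse=True)

if __name__ == "__main__":
    found = detect(BASELINE, CURRENT)
    for (cell, kpi), z in sorted(found.items()):
        print(f"{cell} {kpi}: z={z:+.1f}")
    print("suspect order:", isolate(found))
```
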
Much recent media attention on data center security has focused
on the threat of disruption caused by malware, targeted DDoS and
other electronic forms of assault. Yet focussing efforts purely on
combatting unseen, stealth attacks from digital sources can draw
attention away from the threat of physical attacks on, or accidental
damage to, premises and equipment.
Multi-tenant facilities and colocation give businesses agreed levels
of freedom to manage their own software and hardware in a
controlled environment, possibly sharing access to server rooms
to carry out upgrades, repairs, new installations, and routine
maintenance. That increases the volume of traffic, vehicle and
human, travelling in and out of the facility, which can
increase the threat of disruption if not carefully and securely
managed.
There are two related principles that apply to the physical protection
of the data center. The first is ‘defense in depth’, that is, ensuring
protection is backed up so that if it fails at one point there is a
further defense behind it; the second is ‘layered’ security. As data centers
need to provide access as well as defense, a key component of
security is the need to organise it around a series of points at which
further access is allowed or denied to someone seeking entry to the
facility.
There will be a continuing need to deploy available security
measures to protect the data center. These may include perimeter
walls, embankments and fences, multiple security checkpoints,
manned security stations, mantraps, biometric readers, keeping
the building away from the perimeter, keeping equipment racks
away from any external walls and away from windows, surveillance
networks covering both internal and external areas and perimeters,
intruder/fire alarm and control systems, lockable racks and cages
in multi-tenanted environments, fire-proofed/air-locked doors,
powder fire extinguishers, gas-based building-wide fire suppression
systems and access controls. Further advances based on facial
or retinal recognition, the deployment of AI to drive access and
security systems, technological improvements around CCTV,
motion detection, the remote control of locking mechanisms, and the
use of laser technologies to create beams that provide a barrier to a
protected zone can be deployed as they are developed.