Zones and conduits in OT network segmentation

A plain engineering explanation of security zones, conduits, trust boundaries and practical segmentation decisions in OT networks.

What a zone represents

A security zone groups assets with similar security requirements, operational function or trust level. In an industrial environment, zones should reflect how systems are engineered and operated, not just how they appear on a network diagram.

Typical discussions include PLC and safety systems, SCADA servers, engineering workstations, historians, vendor support routes and site-to-business interfaces.

What a conduit represents

A conduit is the controlled communication path between zones. It should describe what needs to communicate, why it communicates, who owns it and what control or monitoring evidence exists.

For brownfield sites, the first useful outcome is often a clearer map of existing conduits before any firewall changes are proposed.
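
The conduit map described above, as an added example that is not part of the original page: it collapses observed host-to-host flows into zone-to-zone conduits and checks each one against a register holding the four things the text says a conduit should describe. The zone names, subnets, flows and register entries are all constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed zone model; zone names and subnets are assumptions.
ZONES = {"control": "10.10.1.0/24", "supervisory": "10.10.2.0/24",
         "engineering": "10.10.3.0/24", "business": "10.20.0.0/16"}
FIELDS = ("what", "why", "owner", "evidence")  # what each conduit record must state
# Constructed conduit register keyed by (source zone, destination zone).
REGISTER = {
    ("supervisory", "control"): dict(what={"tcp/502"}, why="SCADA polling",
                                     owner="controls team", evidence="firewall log review"),
    ("engineering", "control"): dict(what={"tcp/44818"}, why="PLC programming", owner="", evidence=""),
}
# Constructed observed flows (src, dst, service), e.g. from a passive capture.
FLOWS = [
    ("10.10.2.10", "10.10.1.5", "tcp/502"),
    ("10.10.3.20", "10.10.1.5", "tcp/44818"),
    ("10.10.3.20", "10.10.1.5", "tcp/22"),      # service the register does not list
    ("10.20.4.7", "10.10.2.11", "tcp/1433"),    # no register entry at all
    ("10.10.2.10", "10.10.2.11", "tcp/1433"),   # intra-zone, not a conduit
    ("192.168.99.4", "10.10.1.5", "tcp/502"),   # source belongs to no defined zone
]

def zone_of(ip):
    addr = ipaddress.ip_address(ip)
    return next((z for z, net in ZONES.items() if addr in ipaddress.ip_network(net)), "unzoned")

def map_conduits(flows):
    # Collapse host-to-host flows into zone-to-zone conduits and the services seen on each.
    conduits = defaultdict(set)
    for src, dst, svc in flows:
        pair = (zone_of(src), zone_of(dst))
        if pair[0] != pair[1]:
            conduits[pair].add(svc)
    return dict(conduits)

def review(conduits, register):
    findings = []
    for pair, services in sorted(conduits.items()):
        rec = register.get(pair)
        if rec is None:
            findings.append((pair, "undocumented conduit", sorted(services)))
            continue
        missing = [f for f in FIELDS if not rec.get(f)]   # empty owner/evidence counts as missing
        extra = sorted(services - rec["what"])            # observed but not in the record
        for label, items in (("incomplete record", missing), ("unregistered service", extra)):
            if items:
                findings.append((pair, label, items))
    return findings
```

Running `review(map_conduits(FLOWS), REGISTER)` yields the list of conduits that need an owner, a justification or monitoring evidence before any firewall change is drafted.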
