A network security device (software or hardware) that monitors and filters network traffic based on predefined security rules. In an ICS environment, firewalls are used to segment networks (for instance, between the corporate IT network and the OT network, or between control levels) and to restrict traffic to only what’s needed. They can range from simple devices allowing only specific IP/port combinations, to more advanced ones that understand industrial protocols (industrial next-gen firewalls that can, say, allow Read commands but block Write commands to a PLC).
