OT Network Basics: Field, Layer 2, Layer 3 Before Building DMZ
Understanding industrial network architecture before moving into DMZ and segmented OT environments.
Before working with OT security concepts such as DMZ architecture, it is essential to understand how industrial networks are structured at a fundamental level.
A common issue in OT cybersecurity training is that many people attempt to jump directly into security topics without understanding how the underlying network is built.
This creates gaps in understanding, especially when dealing with segmented industrial environments.
Why network fundamentals matter in OT security
Industrial networks are not flat or abstract systems. They are structured in layers, each with a specific role in the control and communication process.
Without understanding these layers, concepts such as DMZ, segmentation, and OT SIEM monitoring become difficult to interpret correctly.
The three core OT network levels
Industrial environments can be understood through three foundational layers:
1. Field level
The field level is where physical control originates.
It includes:
- PLC systems
- sensors
- actuators
This layer is responsible for generating real-world process data such as temperature, pressure, flow, and state changes.
The field level represents the physical interaction layer between industrial systems and real-world processes.
2. Layer 2 (Data link level)
Layer 2 represents local network communication between industrial devices.
At this level:
- PLCs communicate with HMIs
- devices exchange data over Ethernet
- local industrial communication begins to form structured flows
This layer is responsible for device-to-device connectivity within industrial segments.
3. Layer 3 (Network level)
Layer 3 introduces routing and network segmentation.
At this stage:
- multiple systems are connected across routed networks
- traffic is segmented and controlled
- industrial environments become structured and scalable
This is where OT networks begin to resemble enterprise-grade architectures with defined communication paths.
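As an added example (not code from the original article), a small Python model of these levels: a flow between two devices in the same field segment is a Layer 2 local exchange, while a flow between segments is routed at Layer 3 and must match the segmentation policy, which is what a monitoring system checks. The segment addressing, segment names and the Modbus/TCP port 502 allow rule are assumptions for the example.

```python
import ipaddress
from dataclasses import dataclass

# Constructed example segments (assumed addressing, not from the article).
SEGMENTS = {
    "field-cell-1": ipaddress.ip_network("10.10.1.0/24"),  # PLCs, sensors, local HMI
    "field-cell-2": ipaddress.ip_network("10.10.2.0/24"),
    "supervisory":  ipaddress.ip_network("10.20.0.0/24"),  # SCADA servers, engineering
}

# Layer 3 (routed) flows the segmentation policy permits: (src segment, dst segment, dst port).
# Assumed rule: supervisory systems poll PLCs over Modbus/TCP (port 502); nothing else crosses.
ALLOWED_ROUTED = {
    ("supervisory", "field-cell-1", 502),
    ("supervisory", "field-cell-2", 502),
}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int


def segment_of(ip):
    """Return the segment name an address belongs to, or None if unassigned."""
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return None


def classify(flow):
    """Decide at which level a flow is handled and whether policy permits it."""
    src_seg, dst_seg = segment_of(flow.src), segment_of(flow.dst)
    if src_seg is None or dst_seg is None:
        return "unknown-segment"          # address outside any defined OT segment
    if src_seg == dst_seg:
        return "layer2-local"             # switched within one segment, no router in path
    if (src_seg, dst_seg, flow.dport) in ALLOWED_ROUTED:
        return "layer3-allowed"           # routed and explicitly permitted
    return "layer3-violation"             # routed but not in the segmentation policy


def audit(flows):
    """Count flows per classification, as a monitoring system would summarise them."""
    counts = {}
    for f in flows:
        kind = classify(f)
        counts[kind] = counts.get(kind, 0) + 1
    return counts
```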
Transition to DMZ architecture
Understanding these three layers is a prerequisite for working with DMZ environments in OT security.
Without this foundation, segmentation concepts and security zoning strategies are difficult to apply correctly.
Why this structure matters
In industrial cybersecurity, understanding how data moves from field devices to structured network layers is essential for:
- designing secure architectures
- implementing segmentation strategies
- analyzing attack paths
- building effective monitoring systems
Conclusion
OT network architecture is built in layers, starting from physical process control at the field level and extending to structured network segmentation at Layer 3.
A clear understanding of these foundations is required before moving into DMZ design and advanced OT security concepts.
The next step in this learning path is the introduction of DMZ architecture and zone-based industrial security models.