Positioned so your Layer 7 firewall can do its job.
Why the DMZ? Why not next to the equipment?
Most remote access products get plugged in next to the equipment of interest. That is a mistake; it means traffic flows through the packet inspection firewalls in an encrypted state - rendering the analysis useless. Dispel's uplink sits in the DMZ, so the traffic flowing to hardware inside the perimeter passes through your firewall in an analyzable form.
I want hyper-segmentation. How does that work with this?
We whitelist from the uplink to the equipment. You can either stage firewalls behind each uplink, or treat it as a junction.
Who are you kidding? There is no DMZ here. Help!
This is not our first rodeo. We can design and deploy a full OT security stack and network for you. We might bring in help to do it.