AboutOpen SourcePricing
Partners
Resources
Contact Us
Get flexiWAN

Securing SCADA and ICS Networks with flexiWAN

Building Resilient, Secure, and Modern Connectivity for Critical Infrastructure

the logo for flexi wan
By Ivor Kreso

Published June 8, 2025.

a diagram of a network with a lock on it

In this article

The Changing Landscape of Industrial Networking

Security and Visibility with flexiWAN

Built on Linux, Open by Design

A Practical Example: Secure Access in a Water Utility Network

Show More

Modern SCADA and ICS environments are evolving rapidly—integrating cloud services, supporting remote teams, and becoming more interconnected than ever. With that growth comes the need for smarter, more secure networking.

While progress has been made, many industrial systems remain exposed or inadequately segmented. The need to enhance security, improve visibility, and simplify access control continues in 2025.

flexiWAN, a modular SD-WAN platform, gives industrial operators the ability to meet these demands using open-source, policy-driven connectivity—without vendor lock-in.

The Changing Landscape of Industrial Networking

In recent years, a shift has taken place in how industrial systems are accessed and managed. From remote PLC programming to vendor diagnostics, connectivity is no longer optional—it’s part of daily operations.

However, public research and platforms Shodan or Censys searches reveal PLCs from vendors like Siemens, Schneider, or Allen-Bradley directly accessible online, with weak or no authentication. These include:

  • Web interfaces to PLCs and RTUs

  • OPC UA servers accessible over public IPs

  • HMI dashboards with default credentials

These findings highlight the need for modern, security-conscious access infrastructure that supports existing operations rather than disrupting them.

Security and Visibility with flexiWAN

flexiWAN is an open source SD-WAN & SASE solution built for the modern edge. It brings a secure, policy-based overlay to SCADA and ICS environments, making it easier to control, monitor, and protect infrastructure across multiple sites.

Key Features for Industrial Deployments

Secure Connectivity

  • Easy to deploy and automated IPsec tunnels between control centers and field locations

  • Traffic encryption and integrity by default

Granular Access Policies

  • Role-based controls for internal teams and external vendors

  • Define who can access what, and when

Segmentation and Isolation

  • Separate traffic between PLCs, sensors, HMIs, and corporate IT

  • Prevent lateral movement and reduce risk scope

Centralized Management and Monitoring

  • Visibility into all connections and sessions

  • Integration with SIEMs, logging tools, or third-party observability stacks

Edge Resilience

  • LTE/5G support for backup or remote sites

  • Flexible deployment on ruggedized hardware

Built on Linux, Open by Design

flexiWAN is not just modular—it’s also transparent. Running on open-source Linux, it gives operators complete control over the stack, from networking and routing to access enforcement and logging.

This means you can:

  • Inspect and harden the software you run

  • Choose exactly how your edge devices behave

  • Update securely and consistently across all locations Avoid the limitations of closed, vendor-managed appliances

This level of transparency and flexibility is especially valuable in security-conscious environments like ICS and SCADA.

A Practical Example: Secure Access in a Water Utility Network

a laptop with a lock on the screen


A regional utility company needed to modernize how engineers and integrators accessed remote pump stations. The prior setup used manual VPN configurations and firewall rules across dozens of unmanaged routers.

With flexiWAN:

  • Each site was connected using a secure, policy-driven tunnel

  • Vendors received restricted access to only the equipment they were authorized to maintain

  • Session activity was logged centrally, and all exposure to public IPs was eliminated

No changes were required to the PLCs, HMIs, or SCADA software. The overlay provided by flexiWAN added security and visibility without interrupting operations.

Deployment Without Lock-In

With flexiWAN, you’re free to choose the hardware and deployment model that fits your environment:

  • Industrial PCs, fanless DIN-rail units, LTE-enabled edge routers

  • Virtual instances for control rooms or centralized environments

  • Tested platforms from our hardware vendors

You stay in control of the infrastructure—and the roadmap.

Ready to Secure Your SCADA or ICS Network?

If you’re looking to modernize and protect your industrial systems—whether it’s SCADA environments, PLCs, or remote sites—flexiWAN offers a flexible and secure way to do it, without locking you into a single vendor.

We work with organizations of all sizes to design reliable, policy-based connectivity that fits real-world industrial needs.



Have questions or want to explore how this could work for your setup? Get in touch with us to schedule a consultation and learn how flexiWAN can help.

Learn more:

Related Articles

The Demise of Routing Monopolies

The Demise of Routing Monopolies

Sorell Slaymaker

May 10, 2024

Why We Selected GitLab over GitHub to Host flexiWAN Open Source SD-WAN

Why We Selected GitLab over GitHub to Host flexiWAN Open Source SD-WAN

Nir Ben Dvora

May 10, 2024

A New flexiWAN Release Supporting VLAN and Security Improvements

A New flexiWAN Release Supporting VLAN and Security Improvements

Ivor Kreso

May 9, 2024

SD-WAN Redundancy: Ensuring Continuous Connectivity Across Links and Tunnels

SD-WAN Redundancy: Ensuring Continuous Connectivity Across Links and Tunnels

Ivor Kreso

June 8, 2024

What Does SD-WAN Do?

What Does SD-WAN Do?

Nir Ben Dvora

May 8, 2024