Abstract:
The traditional single-point defense strategy for industrial networks no longer fits the current threat landscape, in which attacks on network security are becoming steadily more severe and more complex. This paper proposes a scheme for building defense in depth into an industrial network, derived from the particular protection requirements of industrial control networks and from the concept of multi-layer (three-dimensional) security protection used on the Internet. In the scheme, a whitelist-based security system is deployed on the industrial control terminals, an access control policy based on the principle of least privilege is enforced within the local area network (LAN), and threat mitigation tools are added at the network boundary. The scheme was applied to the SCADA network of the West-to-East Gas Pipeline, where it withstood four penetration tests and the attacks of worms such as WannaCry and Petya. The results indicate that a network security protection strategy based on defense in depth can effectively protect the industrial system from both external and internal attacks and greatly improves the safety and reliability of industrial SCADA systems.
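The two inner layers of the scheme, a terminal whitelist and a default-deny least-privilege policy inside the LAN, can be expressed as small policy checks. The following is an added illustration written for this page; it is not code from the paper or from the West-to-East Gas Pipeline SCADA system, and the subnets, port numbers, binaries and flow records are constructed for the example. The network rules assume a hypothetical layout in which HMI/engineering hosts sit in 10.10.1.0/24 and PLCs/RTUs in 10.10.2.0/24, with Modbus/TCP on port 502 and DNP3 on port 20000; the allowed executables are a constructed "golden image" hashed at startup.

```python
"""Whitelist-based terminal control and least-privilege LAN policy for an
ICS segment (added example; hosts, ports, binaries and flows are constructed)."""
import hashlib
import ipaddress
from dataclasses import dataclass
from typing import List, Tuple

# --- Layer 1: application whitelist on the control terminal -----------------
# Constructed golden image: the only binaries the terminal is allowed to run.
GOLDEN_IMAGE = {
    "scada_hmi.exe": b"MZ hmi build 1.0",          # hypothetical HMI client
    "historian_agent.exe": b"MZ agent build 2.3",  # hypothetical historian agent
}
ALLOWED_HASHES = {hashlib.sha256(b).hexdigest() for b in GOLDEN_IMAGE.values()}


def execution_permitted(image: bytes) -> bool:
    """Default-deny execution: anything not hash-identical to the golden
    image (including a tampered copy) is refused."""
    return hashlib.sha256(image).hexdigest() in ALLOWED_HASHES


# --- Layer 2: least-privilege flow policy inside the LAN --------------------
@dataclass(frozen=True)
class Rule:
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    proto: str
    dport: int
    comment: str


def _net(s: str) -> ipaddress.IPv4Network:
    return ipaddress.ip_network(s)


# Only the conversations the process actually needs; everything else is denied.
POLICY: List[Rule] = [
    Rule(_net("10.10.1.0/24"), _net("10.10.2.0/24"), "tcp", 502, "HMI/engineering -> PLC Modbus/TCP"),
    Rule(_net("10.10.1.8/32"), _net("10.10.2.20/32"), "tcp", 20000, "historian -> RTU DNP3"),
]


def is_allowed(src: str, dst: str, proto: str, dport: int) -> bool:
    """Return True only if some explicit rule permits this flow."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(
        s in r.src and d in r.dst and proto.lower() == r.proto and dport == r.dport
        for r in POLICY
    )


Flow = Tuple[str, str, str, int]


def audit_flows(flow_log: str) -> List[Flow]:
    """Parse 'src dst proto dport' lines and return the flows the policy denies.
    Workstation-to-workstation SMB (tcp/445), the path WannaCry and Petya used
    to spread, is denied simply because no rule ever allowed it."""
    denied: List[Flow] = []
    for line in flow_log.splitlines():
        if not line.strip():
            continue
        src, dst, proto, dport = line.split()
        flow: Flow = (src, dst, proto, int(dport))
        if not is_allowed(*flow):
            denied.append(flow)
    return denied


# Constructed flow records, as a flow collector on the LAN might emit them.
FLOW_LOG = """\
10.10.1.5 10.10.2.7 tcp 502
10.10.1.5 10.10.1.9 tcp 445
10.10.3.4 10.10.2.7 tcp 502
10.10.1.8 10.10.2.20 tcp 20000
"""

if __name__ == "__main__":
    print("HMI binary permitted:", execution_permitted(GOLDEN_IMAGE["scada_hmi.exe"]))
    print("Tampered binary permitted:", execution_permitted(GOLDEN_IMAGE["scada_hmi.exe"] + b"\x90"))
    for f in audit_flows(FLOW_LOG):
        print("DENIED:", f)
```

The point of the two checks is the same: the decision is an allow-list, so a new worm, an unexpected lateral connection or a modified binary is blocked without any signature for it, which is why the paper can report that the SCADA network rode out WannaCry and Petya.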