Table of Contents
Advertisement
In a VPN, data is transferred between two or more participants in encrypted form.
For this reason, a VPN connection is recommended, for example, for mobile access
to a flow computer, access to the private network or for data communication via
2.8.4. Preventing unauthorized external access using a firewall
To reduce the risk to your network, we highly recommend including a firewall or some other
mechanism to limit the network traffic between the (external) central accounting center resp.
control station and the (internal) network of the gas measuring plant in a target manner.
Furthermore, we recommend allowing protocols and ports only that are actually used for data
exchange with the external network, e.g. by adding these to the white list of the firewall and allow
data exchange with trusted participants only. Supported data protocols for GQ devices are shown
in the following table.
Protocol
Standard
port
MMS
102
Modbus
502
TCP
NTP
123
Following Example shows a router and a firewall between the metering device and the control
room during data exchange via Modbus TCP in a trustworthy network.
Information for general use
Rev. M / 73023639
SAFETY AND WARNING INFORMATION
different systems is of great importance.
Description
Manufacturing Messaging Specification (pursuant to ISO standard
9506) allows communication between enSuite and enCore devices, for
example, access to an enCore device via the remote operation panel.
Protocol for data exchange by user-defined registers between AMR and
enCore devices using a standard TCP/IP network.
Network Time Protocol for the high precision time synchronization of
enCore devices with an NTP time server.
Figure 2.4: Example of a router and firewall
39
GasLab Q2
Advertisement
Table of Contents
