Download
Share
Print this page
  1. Manuals
  2. Brands
  3. GarrettCom Manuals
  4. Switch
  5. Ethernet Networks and Web Management
  6. Brochure

GarrettCom Ethernet Networks and Web Management Brochure

Secure industrial control utilizing high speed ethernet networks and web management
Hide thumbs

Advertisement

Quick Links

Download this manual
Secure Industrial Control Utilizing High Speed
Ethernet Networks and Web Management
GarrettCom, Inc.
47823 Westinghouse Drive
Fremont, CA 94539
PH: (510) 438-9071
FAX: (510) 438-9072
www.GarrettCom.com

Advertisement

loading
Need help?

Need help?

Do you have a question about the Ethernet Networks and Web Management and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for GarrettCom Ethernet Networks and Web Management

Summary of Contents for GarrettCom Ethernet Networks and Web Management

  • Page 1 Secure Industrial Control Utilizing High Speed Ethernet Networks and Web Management GarrettCom, Inc. 47823 Westinghouse Drive Fremont, CA 94539 PH: (510) 438-9071 FAX: (510) 438-9072 www.GarrettCom.com...

  • Page 2: Security Overview

    INTRODUCTION This paper explores the state of network security options today at the Ethernet switch level and offers an elementary roadmap for industrial operations to plan for and deploy secure communications systems. Industrial systems need to take advantage of the advanced networking technologies that can support greater efficiency, reliability, and security in plant and remote operations.
  • Page 3 Standards-based Ethernet networks, with cost effective hardware and software available from many competing vendors, can make a significant impact. For example, leading Ethernet switch vendors are adding security in the switch with IEEE and other standards support for security features.
  • Page 4 Ethernet network itself. Telnet managed by the switch can be used for remote login to the switch manager software. However, Ethernet’s benefits to industrial applications run far beyond such restricted local applications.
  • Page 5 • providing audit, measurement, monitoring and detection tools; While Ethernet switch management software can, and should, attend to these components, implementation requires sophisticated security management advice making best use of standards, guidelines and experts. ETHERNET SECURITY STANDARDS Where web access is convenient, security does not have to be compromised.
  • Page 6 (TLS). These features allow an Ethernet switch to handle HyperText Transfer Protocol Secure (HTTPS), the highest level of Web access security available. Other security strategies available to Ethernet equipment include port security, remote Telnet access security, password protection and remote unit cut-off protection. Appendix B offers a brief primer on the components of some of the most well-known security standards.
  • Page 7 Ethernet switch level, assisting readers in appreciating the multiple levels of industrial network security and the overall complexity required to achieve a highly secure distributed communications system. REFERENCES Bond, Andrew, “Security Could Put Process Control Under IT”, ControlGlobal.com, The Online Resource of Control Magazine, April 11, 2005, http://www.controlglobal.com/articles/2005/293.html.
  • Page 8 APPENDIX A BRIEF OVERVIEW OF SP99 AND PCSRF At the vanguard of developing security guidelines for industrial control systems are the Instrumentation, Systems, and Automation Society (ISA) and the National Institute of Standards and Technology (NIST). ISA, through its SP99 committee, has published two technical reports on manufacturing and control systems security that address the growing threats to industrial system security.
  • Page 9 • security vulnerabilities addressed by this technology; • typical deployment; • known issues and weaknesses; • assessment of use in the manufacturing and control system environment. In addition it discusses anticipated future directions, offers recommendations and guidance, and points the reader to information sources and reference material. While TR1 can be considered a primer, TR2 offers more comprehensive information regarding methodologies and components necessary to create a complete security program, and suggests a process to implement more secure systems.
  • Page 10 APPENDIX B SECURITY STANDARDS IN USE IN ETHERNET INSTALLATIONS The protocols and standards listed below are readily available components that can be used to implement secure Ethernet networks in factories, power substations and other industrial sites. SNMP Simple Network Management Protocol, introduced in 1988, is a standard for gathering and managing statistical data about network traffic and the behavior of network components such as switches, hubs, routers and any device which is SNMP enabled.
  • Page 11 authorized manager, and that the message was not altered in transit. Note that the shared secret key between sending and receiving parties must be preconfigured by a configuration manager or a network manager, and loaded into the databases of the various SNMP managers and agents. A separate “privacy facility”...
  • Page 12 Media Access Control (MAC) address against a known list of approved MAC addresses. If there is an insecure access on a secondary device connected to a switch, these levels of control allow authorized users to continue to access the network while unauthorized packets are dropped.