PLC Network on Office Network???

[robertmee]

Here is a depiction of what I was referring to.

Note: the ControlLogix gateway allows access to the process LAN from the corporate LAN. The SCADA system will always have connectivity to the process LAN for control, data acquisition, etc. The process LAN is also isolated from the corporate LAN - provides better throughput (no print jobs, email, internet, etc inteferring), and is isolated from network virus attacks.

I'm no IT guy, but I did stay at a Holiday Inn last night. I would have a problem with my SCADA being tied to the corporate LAN via the 2nd NIC card. Very susceptable to corporate wide virus attack, no?

Here's what we do. A little different but it has worked out well and been very secure. Almost too secure sometimes.

 

[Oakley]

We do not have a domain server on our process LAN - therefore the connection to the corporate LAN. In addition, we have our web server at the corporate LAN level.

Again, another connection from our servers to the corporate LAN is for the RIB cards - the server team monitors the servers for server stuff.

If we did lift the drawbridge, then we do have connectivity from the corporate LAN to the servers for authentication and server support. Otherwise the SCADA and process LAN are disconnected from the corporate LAN.