Oakley said:Here is a depiction of what I was referring to.
Note: the ControlLogix gateway allows access to the process LAN from the corporate LAN. The SCADA system will always have connectivity to the process LAN for control, data acquisition, etc. The process LAN is also isolated from the corporate LAN - provides better throughput (no print jobs, email, internet, etc inteferring), and is isolated from network virus attacks.
I'm no IT guy, but I did stay at a Holiday Inn last night. I would have a problem with my SCADA being tied to the corporate LAN via the 2nd NIC card. Very susceptable to corporate wide virus attack, no?
Here's what we do. A little different but it has worked out well and been very secure. Almost too secure sometimes.