I am after some advice.
My employers plc network is seperate from the corporate IT network.
Our main plc system is AB ranging from ML/SLC/CL/Logix5000.
The factory has increased in size from a single plant to several
I have recently started to network previously non networked devices, putting in HP Procurve network switches.( my background is primarily electrical but starting to learn networking slowly, so be gentle).
To provide OEM's with remote access through the sepearte IT network & Firewall to plant ab network,the company is using **** as the preferred vehicle for the external remote access.
My issue is security of my plant network, a OEM who has **** access to his own panel,which is turn part of my plant network can then see all other slc/cl's in that ip range.
Is there a way to limit how far his remote access can see, for example if his project incorporates 2 plc's. and they are in series with a dedicated port on one of hp managed switches, can i stop his access into my domain past this port, but still allow full access from inside the plant network.
Look forward to any advice.
thanks
My employers plc network is seperate from the corporate IT network.
Our main plc system is AB ranging from ML/SLC/CL/Logix5000.
The factory has increased in size from a single plant to several
I have recently started to network previously non networked devices, putting in HP Procurve network switches.( my background is primarily electrical but starting to learn networking slowly, so be gentle).
To provide OEM's with remote access through the sepearte IT network & Firewall to plant ab network,the company is using **** as the preferred vehicle for the external remote access.
My issue is security of my plant network, a OEM who has **** access to his own panel,which is turn part of my plant network can then see all other slc/cl's in that ip range.
Is there a way to limit how far his remote access can see, for example if his project incorporates 2 plc's. and they are in series with a dedicated port on one of hp managed switches, can i stop his access into my domain past this port, but still allow full access from inside the plant network.
Look forward to any advice.
thanks