GarrettCom Ethernet Networks and Web Management Switch User Manual


 
be properly addressed, the benefits of controlling the functioning of equipment in remote locations
such as power substations, and linking outlying facilities such as aircraft maintenance hubs and other
far-flung industrial applications. Web access provides very significant efficiency improvements and
cost-savings, but this is also the area of greatest threat since the whole world has access to the Internet.
Ethernet equipment vendors must, therefore, take the lead in providing security for Ethernet networks,
and, furthermore, must support the more broad-based systemic security requirements from such
standards bodies as the ISA and NIST and NERC.
Once a closed-loop network is opened to access to and from the web, password protection is no longer
enough. While security has multiple components, Ethernet equipment can address security issues by
providing protection in the areas of concern documented by the ISA SP99 committee:
assuring that a user is who he/she claims to be (authentication) and access authorization
for that user
encryption and validation as data crosses the Internet so that it cannot be easily
accessed and stolen
filtering and blocking access control
providing audit, measurement, monitoring and detection tools;
While Ethernet switch management software can, and should, attend to these components,
implementation requires sophisticated security management advice making best use of standards,
guidelines and experts.
ETHERNET SECURITY STANDARDS
Where web access is convenient, security does not have to be compromised. Authentication and
encryption can be implemented today in industrial environments by using the same standards and
controls that handle the world’s financial transactions via the web. Through established security
standards, network management software can provide this functionality by providing Simple Network
Management Protocol Ver. 3 (SNMP v3), Secure Socket Layer (SSL) and Transport Layer Security
4