Chemical Technology • October 2015
32
PLANT MAINTENANCE & QUALITY
be connected, some with
the ability to prevent the
connection of unauthor-
ized devices.
Firewalls can restrict
traffic flows between cer-
tain devices but have no
understanding of 'who' may
be using those devices. The
addition of modern secu-
rity technologies such as
Identity Services, enables
connected devices, the
user of the device and their
associated traffic to be pro-
filed. This in turn allows the
creation of company-wide
policies that determine
who should have what level of network access, regardless
of where they physically connect to the network. This could
be wirelessly connected in the company headquarters or
physically plugged in with a cable while out maintaining a
remote asset. In another example, if a company employee
logs onto a company laptop and accesses the network, he/
she could be given unrestricted access. However, if a con-
tractor is logged onto the very same laptop, he/she could
be restricted to accessing just the automation devices and
servers they support.
Other technologies like Intrusion Prevention and Detec-
tion can continuously scan and monitor the traffic crossing
a network. These can delve deep into network packets,
providing a view into how the network and automation pro-
tocols are behaving. If something abnormal occurs within
the automation protocol, whether intentional or malicious,
alerts can be generated allowing operators early visibility of
potential issues. If the alerts relate to remote assets, opera-
tors can bring up closed-circuit video cameras, see what
is happening on that site and then provide the appropriate
response limiting the spread of any problems.
Remote assets don’t seem so remote
anymore
More and more process and automation managers are
looking for the infrastructure and technologies that will help
thembetter monitor and operate their satellite assets. Many
of thesemanagers have already begun themigration toward
IP tools, devices and services that can help them create a
single, streamlined communications platform. This move is
driving down the cost and complexity of monitoring
remote assets,while increasing critical data flows and improving
cyber security. As a result, remote assets are becoming
nearly as easy to manage as local assets.
This article was originally published on the website to be found
at
http://www.industrial-ip.org/knowledge-center/solutions/ remote-assets-and-services/simplifying-remote-asset-manage- ment-with-ip, and is reprinted with kind permission
Cell zone WLA example
Single VLAN SSID topology