Previous Page  43 / 56 Next Page
Information
Show Menu
Previous Page 43 / 56 Next Page
Page Background

41

industrial communications handbook 2016

it may be necessary to reconfigure some software to

work with the new ranges—such as SCADA and other

monitoring or control software—as well as firewall and

routing configurations.

6.7 Routing

Routing is directly and intrinsically related to the IP

structuring on the network. On a Greenfield project de-

signing routing is similar to designing the IP structuring

for the network. The same information is required as for

designing IP structures (list of devices and segregation

framework), as well as a list of what devices need to

intercommunicate with each other. From here, it be-

comes simple matter of planning out the routing table

and configuring the routing rules on all the routers. In

some cases it may also be possible to clean up the rout-

ing tables by super-netting multiple IP ranges together,

depending on the network design.

In an existing network that is being expanded, rout-

ing is similar to IP structure design, in that it can prove

to be extremely easy or monumentally hard. In some

cases it may be a simple case of adding a new route or

two to the routing table to cater for the new devices on

the network, whilst in others a complete redesign of the

network is required depending on the complexity of the

routing system. Furthermore, a redesign will require

reconfiguration of all end devices that require routing,

as their gateway IP address will need to be changed to

match the new network design. This again shows the

importance of correctly planning not only for the origi-

nal network in the starting phases, but also for future

upgrades and expansion.

6.8 Firewalls

A router is set up to move data between different sub-

nets. However, it only gives control over what data will

be routed where, not control over what data is allowed

to be routed where. For this, a firewall is required on

the network. Most industrial routers these days include

a firewall, but it is important to make the distinction

between the routing component of the device and the

firewall.

Setting up a firewall on a mission-critical site is

closely tied in with the router setup, and since both are

performed together, the firewall setup follows a similar

pattern to the routing setup when viewed from a Green-

field/non-Greenfield perspective. On an expanding net-

work, if we have originally catered correctly for the ex-

pansion, firewall setup will involve either setting up a

few new rules on an existing firewall, or implementing a

completely new firewall if none exists. Both options are

pretty straightforward as long as all the requirements

are clearly laid out. If the entire network needs to be

redesigned, the firewall will need to be reconfigured

entirely and this could be a time-drain and can cause

downtime on the mission-critical network.

On a Greenfield project, the firewall will also need

to be configured from scratch. As long as the previous

steps and all firewall requirements have been laid out

in a clear fashion, the actual configuration should not

take too long a period of time. Because firewalls (and

routing) are so closely tied in with the IP structure, the

amount of work that needs to be invested in the router

setup is largely dependent on the complexity and chang-

es on the IP structure of the network. However, as with

most other points, the ‘clean slate’ provided by a Green-

field project will generally provide time and production

savings, and also give the option of designing the net-

work to fit the application, rather than designing the ap-

plication to fit the network.

6.9 Less stress

Greenfield projects are almost always easier to work on

than existing networks, and if the benefits they provide

are understood and utilised, commissioning a stable

and secure network can be created from the get go. If

all steps are properly documented along the way, main-

taining this network should also prove to be straightfor-

ward. On the other hand, constantly making unplanned

changes and expansions on an existing network can

lead to a frustrating mess that constantly causes prob-

lems, especially if the changes are not properly docu-

mented. One of the most important considerations of

a Greenfield project, as has been stressed many times,

is to plan properly for future expansion and upgrades.

This will lead to time and production savings, as well as

greatly decreased frustration and stress for those who

are in charge of maintaining the network and attached

devices.

1 38 39 40 41 42 43 44 45 46 47 48 49 56  FlippingBook