Rockwell Automation Publication 1783-UM010C-EN-P - June 2019 21
Chapter 2
Industrial Firewall Use Cases
An Industrial Automation and Control System (IACS) is deployed in a wide
variety of discrete and process manufacturing industries. Such industries
include automotive, pharmaceuticals, consumer goods, pulp and paper, oil and
gas, and mining and energy. IACS applications are composed of multiple
control and information disciplines such as continuous process, batch, discrete
and hybrid combinations. A challenge that manufacturers face is the industrial
hardening of standard Ethernet and IP converged with IACS networking
technologies. Manufacturers must take advantage of the business benefits
associated with the Industrial Internet of Things (IIoT).
Industrial Firewall Technology Overview
The industrial firewall (IFW) is used to separate networks with different
security requirements and is also strategically placed within a network to
monitor and log traffic. This section discusses several architectures and the
use cases they are meant to address.
The following table summarizes the use cases.
Table 4 - Types of Supported Industrial Firewall Technologies

Item                        Description
--------------------------  ------------------------------------------------------------
Mode of operation           • Inline Transparent mode
                            • Inline Routed mode
                            • Passive Monitor-only mode

Network Protection          • Cisco Adaptive Security Appliance (ASA)
                            • Intrusion Prevention and Detection (Cisco FirePOWER)
                            • Deep packet inspection (DPI)

Industrial firewall (IFW)   • The Allen-Bradley® Stratix® 5950 Industrial Network Security Appliance
                            • Cisco Industrial Security Appliance (ISA)

Application Use Cases       • Equipment/Machine/Skid Protection
                            • Cell/Area Zone Protection
                              – Redundant star topology
                              – Ring Topology
                            • Cell/Area Zone Monitoring

Management Use Cases        • Local Management
                              – Command Line Interface (CLI), Adaptive Security Device Manager
                            • Centralized Management
                              – Cisco FireSIGHT Management Center, Cisco Security Manager
                            • Change from local to centralized management of industrial firewalls