Rockwell Automation Publication 1783-UM010C-EN-P - June 2019 97
Firewall Modes Chapter 8
Industrial Firewall Use Cases
The IFW is used to separate networks with different security requirements and
is also strategically placed within a network to monitor and log traffic. In this
section, several architectures and their use cases are discussed.
Machine/Skid Protection
The machine/skid protection use case is used to separate a machine, skid, or
unit from a higher-level network. This protection could be to support different
security requirements between the larger network and the machine/skid or to
restrict ingress and egress traffic.
As shown in Figure 26
, the Transparent Mode firewalls are placed between a
larger network and a grouping of automation equipment that act as a machine,
skid, or unit.
Figure 26 - Industrial Firewall Placement for Machine/Skid Protection
In each case, the IFW acts as an ingress and egress point to the machine/skid
where traffic can be monitored or controlled through firewall or DPI security
policies.
To Next Page
Loading...