IEI: Secure Network Design Principals

Tuesday, October 20, 2015 @ 11:10 AM gHale

By Gregory Hale
A network could go unnoticed or even unappreciated, but in today’s manufacturing enterprise, a proper design could be the difference between a secure, rugged process that keeps running smoothly or a nightmare that is not reliable, which will take away from the bottom line.

“The Ethernet today is not the same as it was when it was invented 40 years ago,” said Jim Laurita, technical service manager at Belden during his address entitled, “Industrial Ethernet Infrastructure: Design Best Practices” at the IEI Design Seminar in Schaumburg, IL, Tuesday. “There have been steady improvements.”

Unsupported ICS: Not an Easy Upgrade
Remedy to Fix Unsupported PKS Hole
Age of New and Different
German Steel Mill Attack: Inside Job

The improvements have been increased bandwidth, full duplex communication, bi-directional communication, no collisions, switching, prioritization and segmentation via a VLAN, Laurita said.

The beauty of Ethernet it keeps developing with greater robustness, bandwidth speed is increasing, there is a lower cost, it is an open technology and it is a non proprietary solution.

The beauty is the manufacturing sector can learn from how IT handled and used the technology.

“Automation is lagging behind IT by many years before gaining wider acceptance,” Laurita said. “Control and automation systems and applications are migrating from proprietary to open standards to enable seamless connectivity.”

What Laurita wanted to stress is the open and viable Ethernet is here to stay and, knowing that, people need to understand good basic design principals needed to have a secure and viable network.

“There is a common misconception about networking that ‘I have installed this at home, how hard can it be,’” Laurita said. “The home network is not plug and play, it is more like plug and pray. The practice of just installing industrial Ethernet equipment randomly for connectivity is not longer practical.”

Laurita showed a basic manufacturing network and went over the various key components to look at like:
• Consultation
• Physical side of the network
• Equipment selection
• Logical design
• Multicast control
• Redundancy
• Network security
• Wireless
• Other key aspects like power over Ethernet, time synchronization, user interface, troubleshooting and tips and tricks
• Network management

“Industrial Ethernet is more than just a physical ruggedization of IT equipment or block diagrams with lines,” Laurita said. “Users need to determine the applications now and in the future and focus on total lifecycle and cost of ownership. In addition, designing an industrial network requires knowledge and cross collaboration from many disciplines. There is not one person that knows all the answers.”

In short, a secure network design works and ensures a smoothly running process.

“A well designed network will result in the highest level of availability and scalability for the future and enhance the total lifecycle manageability of the asset.”