GarrettCom Ethernet Networks and Web Management manual Ethernet Security Standards


be properly addressed, the benefits of controlling the functioning of equipment in remote locations such as power substations, and linking outlying facilities such as aircraft maintenance hubs and other far-flung industrial applications. Web access provides very significant efficiency improvements and cost savings, but this is also the area of greatest threat, since the whole world has access to the Internet.

Ethernet equipment vendors must, therefore, take the lead in providing security for Ethernet networks and, furthermore, must support the broader systemic security requirements from standards bodies such as the ISA, NIST and NERC.

Once a closed-loop network is opened to access to and from the web, password protection is no longer enough. While security has multiple components, Ethernet equipment can address security issues by providing protection in the areas of concern documented by the ISA SP99 committee:

assuring that a user is who he/she claims to be (authentication) and access authorization for that user

encryption and validation as data crosses the Internet so that it cannot be easily accessed and stolen

filtering and blocking access control

providing audit, measurement, monitoring and detection tools

While Ethernet switch management software can, and should, attend to these components, implementation requires sophisticated security management advice making best use of standards, guidelines and experts.

ETHERNET SECURITY STANDARDS

Where web access is convenient, security does not have to be compromised. Authentication and encryption can be implemented today in industrial environments by using the same standards and controls that handle the world’s financial transactions via the web. Through established security standards, network management software can provide this functionality by supporting Simple Network Management Protocol Ver. 3 (SNMP v3), Secure Socket Layer (SSL) and Transport Layer Security
