(TLS). These features allow an Ethernet switch to handle HyperText Transfer Protocol Secure (HTTPS), the highest level of Web access security available.

Other security strategies available to Ethernet equipment include port security, remote Telnet access security, password protection and remote unit cut-off protection. Appendix B offers a brief primer on the components of some of the most well-known security standards.

BEYOND THE SWITCH

Broader system security policies, physical and functional models, risk analysis, asset management and critical aspects of running and maintaining a security program are addressed in detail by bodies such as SP99 and PCSRF. The open approach of inviting industry wide input and comment will greatly improve security at all levels . . . national, business and personal.

Thanks to the forerunners in the commercial environment, there is a strong base from which industrial users can begin the work of adapting and customizing current security standards and protocols to support industrial applications. But, as they begin to reap the benefits of remote access, care must be taken to avoid security breaches. Commerce has led the way with highly secure financial, medical, and retail applications, however, the complexities of industrial security require careful thought and planning – and in many cases, a different take on a security strategy.

User authentication for controlling access and encryption are not only desirable but essential for secure industrial applications. Ethernet switches with web management can offer a powerful point of control. Additionally, remote web management is desirable and feasible with currently available hardware and software, including GUIs for simplicity and ease-of-use. However, complete end-to-end design for security is necessary, and it is incumbent on everyone to work toward highly secure network systems that enable the industry to take advantage of the tremendous time- and cost-savings of web-based networking.

A single white paper cannot possibly provide the specific guidelines that multiple prestigious industry working committees are laboring to describe. At the same time, this white paper is intended to be helpful by providing a basic understanding of the security levels that can currently be achieved at the

5

Page 6
Image 6
GarrettCom Ethernet Networks and Web Management manual Beyond The Switch