on 03-20-2014 3:23 AM
Hello community ...
We are in the need of putting our manufacturing assets behind a firewall to isolate the Production Control Networs for network traffic control as well as for security.
Our current landscape is the information flows from the PLC/Machines to our OPC/Historian and then to our MII servers.
Our possible solution landscape has two options, one is to put a firewall between the machines/plc and the OPC/Historian servers and the second option is to put a firewall between the OPC/Historian server and the MII application server.
Can any body share their experience about what have worked for you and if we decide to put firewall in between OPC.Historian and MII, how is this going to impact our environment and where PCo comes into the picture ?
Thank you in advance.
Guillermo Meza
If the access to historian/shop-floor Control Network goes through PCo, install PCo on the control network where the historian and OPC servers are, then firewall it, leaving open the ports used for it's setup [i.e. by default 9000 for communication with the agent and 500050 (I guess) for communication with the PCo Management Host web-service].
Keep the historian on the Control Network. You don't want the firewall to look at every data transaction between the instrumentation and the data repository. Sometimes, the instruments are supposed to log 100-1000 transactions per second.
Cheers,
paul.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
11 | |
6 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.