Re: SCADA

[Brian Loe <knobdy () gmail com>]

On Wed, Apr 15, 2009 at 8:27 PM, Daniel E. Hassler
<hassler () speakeasy net> wrote:
> OK - I expected this. As I stated I was/am not trolling. Heck - check the
> email headers - This noise is coming from Thunderbird on a WinXP Pro system.
> I don't expect this system is secure even with two different firewalls and
> an AV software product installed. Marcus - I've really enjoy your
> works/writings/postings and sincerely did not mean any offense.  I've read
> over and over about SCADA security issues but find practically nothing on
> the market to effectively address them. We can write a lot on the Firewall
> Wizards list about the woes of mixing today's connected business needs with
> yesterdays isolation is a form of security. My basic question is why aren't
> those who have a clue creating solutions to meet the business needs?  This
> is where I think our time is better spent (and the.the $$$ are). If I can
> rephrase my original question it would be more like: "I think we can do
> better, If we build it will they come?"
>
> Thanks,
>
> Dan Hassler

That's what gets us in trouble, IMO. We start looking for a device
that's going to do our job. Simply stated, just leave the SCADA
network where it belongs - by itself - and you'll be fine. Mess with
that architecture, as Marcus said, and you're CREATING the problem.

There are ways to provide for business reporting needs - but the SCADA
network is still mostly left alone. It does NOT involve remote access,
however.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards