The keys to a secure, reliable Ethernet connection
16 September 2021 | 0
In association with RS Ireland
David Garcia, product manager at Moxa, spoke to RS Ireland about what is needed to create a secure, future-proof Ethernet network.
What are some of the most common causes for Ethernet connectivity issues today?
Anything with an IP address on an open network can be susceptible to unauthorised access. So, to minimise this, any good network design will include using managed network switches with enhanced security features, as well as using a layered approach between each connection to mitigate the potential for a breach.
This concept known as defence-in-depth – which includes segmenting the network, creating secure tunnels for secure remote access by adding firewalls between each network segment – is a great way to filter out any unwanted traffic, create rules to tightly control communication, and essentially ensure that nothing outside the network is talking to the device that is not supposed to. Following defence-in-depth security measures is a great way to not only secure your network, but also enhance the performance, provide visibility, and minimise downtime.
Let’s be clear, the time for basic connectivity is long gone; it is no longer enough to simply plug your device to the network. Remote access, asset visibility, and access to data is driving the need for more security.
How do Ethernet connectivity needs vary across different sectors and what considerations need to be made when selecting appropriate network equipment?
There are quite a few considerations when selecting the right network switch. Reliability is an extremely important consideration for our customers who cannot rely on enterprise-level equipment to work in extreme environments day in and day out. Also considerations are going to be drastically different between say, a traffic light and a safety system in an oil and gas processing plant. If a switch goes out at a traffic light, you can dispatch a truck and drive to the location, but in a refinery or substation, a switch might be surrounded by flammable vapours and gasses. Depending on the situation, safety can be a real concern. In that case you are going to need equipment that can reliably operate at all times despite the environment.
The next thing to consider is future proofing your investment. You have to ask yourself questions like: Will this be good enough for a couple of years, or will you be needing to add more devices down the line? Do you foresee having to add a camera for security or process monitoring? Although this network is currently for an isolated remote system, will you one day need to connect to a SCADA [supervisory control and data acquisition] system or control centre that’s miles away? What about remote access to an isolated network – how secure is your access? I have never seen a network shrink; when the times comes to grow, you want to make sure the network has the ability, while being optimised and secure.
What are the some of the most common switch types, and what characteristics separate them from one another?
The most basic switch is called an unmanaged switch, which is essentially ‘plug and play’ for connecting devices in your panel to the network. The pros are cost and ease-of-use – they are great for basic device connectivity. The cons are a lack of visibility, so troubleshooting network issues is almost impossible and very time consuming. Also, there is no redundancy, so if you lose your connection there is no backup. This is not good, if you are trying to reduce downtime.
At the next level, we have managed switches which need to be configured, but they do so much more than any unmanaged switch. Managed switches offer visibility, performance enhancement, data management, and security.
Unfortunately, the biggest obstacle to adoption of managed switches for IT engineers is lack of expertise. They struggle with questions like what features they need, what price points should they look at, or if this is overkill for their needs.
Beyond these options, there are also modular switches, which are like back planes that have network and power modules that can slide in an out of a system. These are great for applications where you need flexibility and want to connect a lot of PoE or fibre. There are also rack mount switches.
To select the best switch for any Ethernet application, you must be clear about what you are trying to do first.