Argonne National Laboratory

Experimental Physics and
Industrial Control System

1994  1995  1996  1997  1998  <19992000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  Index 1994  1995  1996  1997  1998  <19992000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020 
<== Date ==> <== Thread ==>

Subject: Re: Protecting EPICS IOCs on ethernet
From: Bill McDowell <wpm@aps.anl.gov>
To: tech-talk@aps.anl.gov
Date: Fri, 22 Jan 1999 13:47:24 -0600 (CST)
APS uses router technology to protect the control system from the
outside. The control system network is a separate subnet. Collaborative
Action Teams (Experimenters) assess EPICS data through a Channel Access
Gateway machine which is connected to the controls subnet as well as a
separate gateway subnet separate from all other subnets in the
facility. Software development is done  on a subnet which is separate
from both the controls subnet and the general office subnets. Access to
the control system from the offices is also done through the Channel
Access gateway machine(s). The Cisco IOS permits the use of access
control lists that allow filters to be constructed using the following
criteria:

Source IP address
destination IP address
transport layer type (TCP,UDP,ICMP)
source port
destination port


Outgoing telnet, ftp, rlogin, web, nntp, finger, real audio and video,
secure http, ssh and gopher are permitted.



There is a description of our 1997 network at:

http://www.aps.anl.gov/icalepcs97/schedual.html


Paper W3B-5

This network is being upgraded to a fully switched system with gigaabit
uplinks.


Bill McDowell


Navigate by Date:
Prev: Re: Protecting EPICS IOCs on ethernet Andy Foster
Next: RE: Protecting EPICS IOCs on ethernet Jeff Hill
Index: 1994  1995  1996  1997  1998  <19992000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020 
Navigate by Thread:
Prev: Re: Protecting EPICS IOCs on ethernet Ron Chestnut
Next: RE: Protecting EPICS IOCs on ethernet Jeff Hill
Index: 1994  1995  1996  1997  1998  <19992000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020 
ANJ, 10 Aug 2010 Valid HTML 4.01! · Home · News · About · Base · Modules · Extensions · Distributions · Download ·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·