John,
As others have said, Jefferson also uses the router/firewall technique. The
router refuses to route to the IOC's except from a designated list of machines
outside of that subnet which need access to a few signals. This would be
my recommendation to you.
(We also use a CDEV gateway in the same way that APS uses a channel
access gateway; we have one gateway providing readonly access, and
another within the secured subnet with read/write access).
Chip
- References:
- Protecting EPICS IOCs on ethernet John A. Priller
- Navigate by Date:
- Prev:
RE: Protecting EPICS IOCs on ethernet Jeff Hill
- Next:
STR7510 sun2
- Index:
1994
1995
1996
1997
1998
<1999>
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
- Navigate by Thread:
- Prev:
Re: Protecting EPICS IOCs on ethernet Andy Foster
- Next:
Re: Protecting EPICS IOCs on ethernet Alan K Biocca
- Index:
1994
1995
1996
1997
1998
<1999>
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
|