Operation
8.1 Operation
Installation and Operating Instructions SINAMICS G180
134
Operating Instructions, 02/2019, 4BS0751-007
8.1.15.3
Network security
SINAMICS must only be used in a secure and trustworthy network with a firewall. Note the
information in chapter "Network segmentation (Page 135)".
8.1.15.4
Separation between production and office networks
One important protective measure for your automation or drive system is the strict separation
of the production networks and the other company networks. This separation creates
protection zones for your production networks.
Note
The products described in this manual must only be operated in defined protection zones.
Separation by means of a firewall system
In the simplest scenario, separation is achieved by means of an individual firewall system
which controls and regulates communication between networks.
Separation via a DMZ network
In the more secure variant, the coupling is established via a separate DMZ (demilitarized
zone) network. In this case, direct communication between the production network and the
company network is completely prevented by firewalls and only takes place indirectly via
servers in the DMZ network.
Note
The production networks should also be divided into separate automation cells in order to
protect critical communication mechanisms.
General security measures
Adhere to the general security measures even within protection zones, e.g. the use of a virus
scanner or the reduction of points of attack.