Recommended Practices

Secure Architecture Design

This secure architecture design is the result of an evolutionary process of technology advancement and increasing cyber vulnerability presented in the Control Systems Defense in Depth Strategies recommended practice.

Hover over the various areas of the graphic and click inside the box for additional information associated with the system elements.

Backup Control Center

Control System Applications Server

Control System Authentication DMZ

Control System Authentication Server

Control System Business Communications DMZ

Control System Configuration Server

Control System Data Acquisition Server

Control System DB DMZ

Control System Engineering Workstation

Control System External Business Communication Server

Control System Modem Pool

Control System Security DMZ

Control System Security Server

Corporate Authentication DMZ

Corporate Authentication Server

Corporate Business Workstations

Corporate DNS DMZ

Corporate eMail DMZ

Corporate eMail Server

Corporate FTP DMZ

Corporate FTP Server

Corporate Web Applications Servers

Corporate Web Server

Corporate Web Server DMZ

Corporate Wireless Access Points

Corporate Wireless DMZ

Field Controller/RTU/PLC/IED

Remote Business Peers