Scribd
Upload
244 views13 pages

Network Segregation

Segregacion redes automatizacion industrial

Uploaded by

solbahia
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
244 views13 pages

Network Segregation

Segregacion redes automatizacion industrial

Uploaded by

solbahia
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Network Segregation with the 9300-ENA

Webinar – July 2018

Andrew Coburn
Tech Support Engineer
July 26th, 2018

PUBLIC INFORMATION

Rev 5058-CO900E Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved.
Agenda

Overview of the 9300-ENA

Application with NAT

Benefits

Demo of the 9300-ENA

Questions

PUBLIC INFORMATION Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved. 2
Features of the 9300-ENA
 Linux-based Ethernet network appliance

 Translates up to 128 Ethernet devices

 Supports 1:1 NAT and range NAT

 Supports RSLinx Classic Ethernet/IP driver

 SD card for easy configuration

 Ability to view all devices on the network

 Translates all protocols

 VPN availability
PUBLIC INFORMATION Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved. 3
What is NAT?

 Network Address Translation is a service which can translate a packet


from one IP address to another IP address.
 Can be a Layer 2 or Layer 3 device Outside Subnet
 Has two forms: (ex. 10.0.0.x)
 One to Many (1:n) – a.k.a. TCP/UDP Port Address
Many Outside IP addresses
Translation (PAT). Allows Multiple devices to share (One per device wishing to be accessible from the Outside Subnet
one “Outside” address
 One to One (1:1) – Allows for the assignment NAT Enabled Device
of a unique outside IP address to a specific
Many Inside IP addresses
inside IP address (One per connected device)

Inside Subnet
(ex. 192.168.1.x)
Inside

PUBLIC INFORMATION Copyright © 2014 Rockwell Automation,


4 Inc. All Rights Reserved.
Why Use NAT?
Allows a single device to act as an agent between the Plant (Outside) network and the Machine
(Inside) network

 Helps simplify integration of IP address mapping from a machine level IP addresses to the plant
network
 Allows Machine Builders to develop standard machines and eliminate the need for unique IP
addressing and code modifications
 Allows End Users to more easily integrate machines into their larger plant network without
extensive coordination with machine builders
 Provides better maintainability at the machines as they remain standard
 Allows for reuse of IP addresses allowing for more connected devices in a limited address pool.

PUBLIC INFORMATION Copyright © 2014 Rockwell Automation,


5 Inc. All Rights Reserved.
Application – Identical Machines
Identical Machines installed connecting to the Plant Wide Network

Plant Wide Network


Machine A Machine B Machine C
9300-ENA 9300-ENA 9300-ENA
with NAT with NAT with NAT
Application Application Application

PanelView™ Controller PanelView™ Controller PanelView™ Controller


[Link] [Link] [Link] [Link] [Link] [Link]

Network Network Network


Switch Switch Switch

Kinetix® Kinetix® Kinetix®


[Link] [Link] [Link]

PUBLIC INFORMATION Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved. 6
Application

9300-ENA
with NAT Application

PanelView Controller
[Link] [Link]

Network
Switch

Kinetix
[Link]
PUBLIC INFORMATION Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved.
Application

PUBLIC INFORMATION Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved.
Benefits

 Precision
Make network configuration changes on identical machines.

Machine A Machine B Machine C


Private Public Private Public Private Public
Controller [Link] [Link] [Link] [Link] [Link] [Link]

PanelView [Link] [Link] [Link] [Link] [Link] [Link]

Kinetix [Link] [Link] [Link] [Link] [Link] [Link]

PUBLIC INFORMATION Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved. 9
Benefits

 Flexibility
Free up IP addresses on the Public side

Machine A Machine B Machine C


Private Public Private Public Private Public
Controller [Link] [Link] [Link] [Link] [Link] [Link]

PanelView [Link] [Link] [Link]

Kinetix [Link] [Link] [Link]

PUBLIC INFORMATION Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved. 10
Benefits

 Segregation
IP addresses that are not in the translations will not flood to the other side of the
network.
Plant Network

9300-ENA with
NAT Application

PanelView™
[Link] Controller
[Link]

Kinetix®
[Link]

PUBLIC INFORMATION Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved. 11
Demo

PUBLIC INFORMATION

Rev 5058-CO900E Copyright © 2014 Rockwell Automation,12Inc. All Rights Reserved.


Questions

PUBLIC INFORMATION

Follow ROKAutomation on Facebook & Twitter.


Connect with us on LinkedIn.

[Link]

Rev 5058-CO900F Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved.

You might also like