What options do I have to limit the client users who have access to my DCS?

 

OPC DataManager (ODM) is a highly versatile read/write OPC Client. Though its basic functionality is to provide point-to-point mappings of OPC Server items, many users have implemented ODM in their control systems to solve this very problem. Using Windows security to allow ODM full local permissions while you deny remote OPC Client permission to your DCS OPC Server(s) provides a highly effective security shield for your control system. Instead of your various remote OPC Clients “pulling” information from the DCS OPC Server(s) across the network, you can use ODM to “push” only the data you choose to one or more remote OPC Caching servers. The local OPC Client permissions on one of these Caching servers as compared to another would provide you the security flexibility of configuring which data points are broadcasted as read-only, and which can be controlled as read/write. If existing security policies in your company necessitate firewalls or there is no inherent trust relationships set up between these networks, ODM can be combined with OPC Tunnelling technology to enable reliable and secure OPC data connectivity throughout your process and office IT networks.

 

 

For more information see the whitepaper: Creating Secure OPC Architectures