VLANs
VLANs are great traffic management tools. VLANs work by having Ethernet switches insert a “tag” in to the header of each Ethernet message. Other switches on the network can read this tag and make decisions on whether a message should be forwarded. But switches with VLANs are not firewalls. They operate at layer 2 (the Ethernet layer) and don’t understand the “state” of the messages flowing through them. This makes the spoofing of VLAN tags trivial – there is no check to detect if a tag has been adjusted by a hacker.
Articles
- Plant Security: Access Granted
- Insidious threat to control systems
- Network Secures Process Control
- Segmenting control and automation networks from the business network
- Securing Wireless Ethernet on the Plant Floor