Re: [foxboro] : DM Usage
- From: Jeremy Milum <jmilum@xxxxxxxxx>
- To: foxboro@xxxxxxxxxxxxx
- Date: Fri, 24 Sep 2004 08:48:02 -0500
On Thu, 23 Sep 2004 16:16:57 -0500, Blunier,
Mark <mark.blunier@xxxxxxxxxxxxxxx> wrote:
> If that were the case, I would make sure that the VNC
> is set up so that it can't be taken over. It might be messy
> if someone took over an engineer session.
Exactly. But it would also be annoying for a regular user
to have their VNC session usurped from them while they
were using it, which is why I disallow the disconnects on the
VNC server. I think it is unwise for VNC (by default) to
disconnect an active user just because another user wants
to connect.
> Having autologout wouldn't be good either.
> Getting autologged out when you have sysconfig
> open would not be good.
Yes, but I don't allow any configurators (except FoxDraw) to be
opened remotely. We do all block configuration on an actual
AW or WP. I might do some minor tuning from my office (with
operator approval) but that doesn't require a configurator
to be opened. Major tuning would be done in the field.
> I prefer to do engineering on a WP or PW, in close proximity to the
> operators. But then most of what I do is for making changes to a
> running plant that will (or could) affect the operators.
That is also our policy, but I do want our DCS engineers and technicians
to be able to get to use features via VNC that ordinary (i.e. not DCS people)
cannot. An example would be FoxSelect which is only accessible from
the Engineers environment at our plant.
I think that ease-of-use and security are inversely proportional.
There is a fine line that we must tread when trying to maximize
both of these. We have many layers of passwords (which are
changed regularly), IP address restrictions, and copious monitoring
of all remote (and local) DCS access.
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
foxboro mailing list: http://www.freelists.org/list/foxboro
to subscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave
- References:
- Re: [foxboro] : DM Usage
- From: Blunier, Mark
Other related posts:
- » Re: [foxboro] DM Usage
- » Re: [foxboro] DM Usage
- » Re: [foxboro] DM Usage
- » Re: [foxboro] DM Usage
- » Re: [foxboro] DM Usage
- » Re: [foxboro] DM Usage
- » Re: [foxboro] DM Usage
- » Re: [foxboro] DM Usage
- » Re: [foxboro] DM Usage
- » Re: [foxboro] : DM Usage
- » Re: [foxboro] : DM Usage
- » Re: [foxboro] DM_Usage
- » Re: [foxboro] DM_Usage
- » Re: [foxboro] DM_Usage
- » Re: [foxboro] DM_Usage
- Re: [foxboro] : DM Usage
- From: Blunier, Mark