Appendix B - Security Considerations

Appendix B provides information about security considerations for FactoryTalk Analytics GuardianAI.

When deploying FactoryTalk Analytics GuardianAI within operations, considerations should be applied to the physical and cyber system security posture of the system. The FactoryTalk Analytics GuardianAI application is designed to run on a client supplied edge hardware and infrastructure.

System security is a paramount tenet of overall operation success. The following document and links are being provided as guidance on best practices of how to implement system security principles within industrial automation control systems. It is considered best practice for users of FactoryTalk Analytics GuardianAI to follow these practices to provide the best level of defense in depth security for their overall systems.

Security Publications

Publication Name	Description	Link
Converged Plantwide Ethernet (CPwE) Design	Converged Plantwide Ethernet Design Implementation Guide	Converged Plantwide Ethernet Design
Deploying Firewalls within CPwE Architecture	Use cases for designing, deploying, and managing industrial firewalls	Deploying Firewalls within CPwE
Deploy Identity and Mobility Services	Guidelines for protecting systems through deploying centrally managed defense in-depth security approach	Identity and Mobility Services
Secure Cloud Connectivity to CPwE	Application guide for securing cloud applications within CPwE Architecture	Secure Cloud Connectivity to CPwE
Deploy CIP Security within CPwE	Network security use cases for CPwE systems	Deploy Network Security in CPwE
Deploy CIP Security within CPwE	IEC 62443 security architecture use cases and design principles	Deploy CIP Security in CPwE
Physical Infrastructure within CPwE Architecture	Use cases for deploying robust physical infrastructure for industrial applications	Physical Infrastructure within CPwE Architecture