SCADA Security is an important issue in the automation world, and InduSoft would like to emphasize that the NTWebServer(.exe), and CEWebServer(.exe) for testing purposes only. Please do not use the NTWebServer or CEWebServer in real production. InduSoft recommends Microsoft’s IIS (Internet Information Services) Server for Web based applications.
In addition to Microsoft.com, there are multiple sources for assistance in configuring IIS. When configuring IIS, please follow the guidelines provided by Microsoft at the following resources:
For application security, please refer to InduSoft’s SCADA security section listed under “Project Security” (v7.0) or “Configuring a Security System” (v6.1) in the Technical Reference documentation.
It is important to minimize network exposure for all control system devices. Critical devices should not directly face the Internet. Control system networks and remote devices should be located behind firewalls, and be isolated from the business network. If remote access is required, secure methods such as Virtual Private Networks (VPNs) should be utilized.