This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires:
x Maintenance of various field devices, telemetry collection, and/or industrial-level process systems
x Access to facilities via remote data link or modem
x Public facing services for customer or corporate operations
x A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.