Hi Pablo,

Are you a Check Point employee? I reconfirmed and the document is open to all Check Point employees.

If you still face problem with opening the document, please share with me your email address and I will send you the document.

Hello , I'm not a Check Point Employe , just currently working on a Latam Distributor, thanks for sharing this info.

this explain the reason why you can't open the document.

In SCADA and ICS environment each and every system component is characterized by a specific role, having unique network behavior related to the other system components

• The SCADA server will manage communication with the RTUs and PLCs, Will provide services to the working stations and manage writing to the historian server.
  
• PLCs and RTUs communicates with the SCADA server and occasionally connected by engineering stations
  
• Working stations connects to the SCADA server and don’t require connectivity to any other of the system components.
  
• Historian server database, get write commands from the SCADA server and the data is read by operational intelligence solutions for reports generation.

Due to this relatively simple network behavior, it is possible to use Firewall policies to Alert and even block unauthorized activities and as a result enhancing significantly the system security.

Few examples:

We would like to authorize communication in Modbus protocol between the SCADA server and the PLCs and communication between the SCADA server and the historian server.

While on the same time we want to ban any communication between the workstation the PLCs and historian server. At this current situation, even if the workstation will be infected by a malware which will attempt to communicate with the PLCs and the historian server, the attempt will fail and the traffic will be blocked.

Hi Shlomi. I cant open it neither. My email is galvarez@checkpoint.com  Thanks

The document is actually the same as the content Shlomi shared already.