GE Industrial Solutions NEMA EVSE CHARGING STATION User Manual

g

EV Charging Station

User Manual & Installation Instructions

GE EV Charging Station User Manual

73 of 86

4.4.2 Option 2: Charging Station Network isolated from Customer Network with Host

System in a DMZ.

In this design, the charging stations are isolated from the customer network and the host system is
within a DMZ providing isolation from BOTH the Charging Station Network AND the Customer
Network. This minimizes the risks of someone compromising the charging station network or the
host system and using either to compromise or gain access to the customer network.

The host system is within a DMZ providing isolation from both the charging station network and the
customer network and communicates with the charging stations via a rule or access control list
entry which allows communications between ONLY the host system and the charging stations. A
rule or rules would be established to permit specific systems on the customer network to access the
host system.

Figure 70: Network Setup Option 2 –Networked Configuration with DMZ

This provides greater protection and isolation than the previous designs in this document. It’s not
perfect as the charging stations need to initiate some of the communications to the host system, so
a rule or ACL will have to be in place on the firewall to allow this communications. But it also isolates
that communications from the customer network. A properly configured firewall will provide greatly
enhanced protection to the customer network.

Required Components:



Host Application PC



Cat 5 Network Cables



Ethernet Switch



ASA5505 security plus firewall



Card reader, accessory from GE catalogue # EVRP01 (Note: only GE enrollment
readers work with this application)