Over the next few weeks I am going to be identifying existing security recommendations from the system vendors and linking to them. In each case this is the publically available information. For most companies if you are a customer it is possible to get more detailed and complete recommendations from your support staff. IT security professionals will probably find numerous points to comment on these but should keep in mind that there are often other controls that exist outside these documents.
The first item I am linking to is a Honeywell Experion Product information note.
From the Honeywell Experion product site that is part of their public Web.
It displays defense in depth, recommended access control mechanisms, business interface, DR, and other best practices.
Honeywell is definitely one of the companies giving more attention and thought to these topics.
If you are a Honeywell engineer or customer you should take a look and compare its recommendations to your real environment.
If you are a competing vendor you might want to compare it to your own recommendations.
I would also be interested in hearing comments from the IT security world in General for each of these posts.