RS422 and other serial port protocols often require communication between two devices for things like flow control and the like. Disabling bidirectional communication is technically possible but it would likely break your communication software that rides on this connection.
There really isn't a firewall implementation for this layer, though you could use an RS422 Monitor or Analyzer to monitor the data being sent at this hardware layer. If you are using PPP or SLIP or another protocol to encapsulate TCP/IP over the serial connection, you can use a TCP/IP firewall on the software layer. Otherwise, without TCP/IP you don't have any ports to connect to, so a standard firewall would do nothing.
So the question isn't "should we connect to this physical port", but rather "what kind of data is being exchanged over this physical layer".
As far as whether it is safe to connect it to a network, the answer would be in how safe the network is to connect to. If the network is itself isolated and the computers connected to it are isolated from any external connection, and all updates and software installed on the systems are audited and verified with the vendors, I would say it's very reasonable that it would be safe to connect to a network.
There would need to be strictly followed protocols with people who have access to the network. No plugging in thumb drives that have data from outside the network, no plugging an iPod into a USB port just to charge it, etc. Data isolation is important to maintaining a truly secure network.
I'm not really sure why this got moved to the XP forum. This is a general virus discussion, as it probably relates to the infection vectors with the recently highly publicized Stuxnet worm, which has a payload of taking control of industrial control systems.
Edited by Gabrial, 13 October 2010 - 11:00 PM.
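An added example, not part of the original post: a way to answer "what kind of data is being exchanged" from a byte capture taken with a serial monitor, by checking whether the link carries SLIP-framed IPv4 (RFC 1055) that a TCP/IP firewall could filter. The function names and the sample capture are constructed for illustration, and the IPv4 check is a heuristic that does not verify checksums.

```python
import struct

END, ESC, ESC_END, ESC_ESC = 0xC0, 0xDB, 0xDC, 0xDD  # RFC 1055 framing bytes

def slip_encode(pkt: bytes) -> bytes:
    """Frame one packet for the wire (used here only to build the sample)."""
    out = bytearray([END])
    for b in pkt:
        out += (bytes([ESC, ESC_END]) if b == END
                else bytes([ESC, ESC_ESC]) if b == ESC else bytes([b]))
    out.append(END)
    return bytes(out)

def slip_frames(stream: bytes) -> list:
    """Split a raw serial capture into de-escaped SLIP frames."""
    frames, buf, escaped = [], bytearray(), False
    for b in stream:
        if escaped:  # byte after ESC: map the two valid escapes, keep others
            buf.append({ESC_END: END, ESC_ESC: ESC}.get(b, b))
            escaped = False
        elif b == ESC:
            escaped = True
        elif b == END:
            if buf:  # back-to-back END bytes delimit empty frames; skip them
                frames.append(bytes(buf))
                buf = bytearray()
        else:
            buf.append(b)
    return frames

def classify(frame: bytes):
    """Return addresses/ports for an IPv4 frame, or None if it is not IPv4."""
    if len(frame) < 20 or frame[0] >> 4 != 4:
        return None
    ihl = (frame[0] & 0x0F) * 4  # header length in bytes
    if ihl < 20 or len(frame) < ihl:
        return None
    info = {"src": ".".join(map(str, frame[12:16])),
            "dst": ".".join(map(str, frame[16:20])),
            "proto": frame[9], "sport": None, "dport": None}
    if frame[9] in (6, 17) and len(frame) >= ihl + 4:  # TCP or UDP
        info["sport"], info["dport"] = struct.unpack("!HH", frame[ihl:ihl + 4])
    return info

# Constructed sample: one IPv4/TCP packet (192 == 0xC0, so it needs escaping)
# followed by a non-IP ASCII message such as a device's own serial protocol.
SAMPLE_IP = bytes([0x45, 0, 0, 40, 0, 0, 0, 0, 64, 6, 0, 0,
                   192, 168, 1, 10, 192, 168, 1, 20]) \
    + struct.pack("!HH", 49152, 8080) + bytes(16)
CAPTURE = slip_encode(SAMPLE_IP) + slip_encode(b"STATUS OK\r\n")
```

Frames for which `classify` returns `None` are not TCP/IP, so there are no ports for a standard firewall to act on and the traffic has to be reviewed at the serial protocol level.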