This is a tough one. Electric utilities are evaluating their security in and around routable protocols for control system networks to meet the requirements of NERC CIP. Your design should/must be based on the requirements that you fall under, based upon your NERC/FERC role.
Segregation is key. I have a utility network that is compliant and can offer you some help. Can you offer some insight as to the need to remote email and internet from the substation applications?
--Ron