Table of Contents
Advertisement
8 Further Notes on Operation
Access permissions using community name
The CP uses the following community names to control the access rights in the
SNMP agent:
Read access
Read and write access
Note the use of lower-case letters!
*)
MIB files for your SNMP tools
If you use an SNMP tool, you will find the MIB files relevant to the CP in the
STEP 7 installation in the following folder:
<Drive>\<Installation folder>\Siemens\Step7\S7DATA\snmp\mib
For the Automation System MIB, for example, these are the following files:
automationPS.mib
automationSmi.mib
automationSystem.mib
automationTC.mib
8.8
Possible security gaps on standard IT interfaces /
preventing illegal access
With various SIMATIC NET components, such as switches, a wide range of
parameter assignment and diagnostic functions (for example, Web servers,
network management) are available over open protocols and interfaces. The
possibility of unauthorized misuse of these open protocols and interfaces by third
parties, for example to manipulate data, cannot be entirely excluded.
When using the functions listed above and these open interfaces and protocols (for
example, SNMP, HTTP, Telnet), you should take suitable security measures to
prevent unauthorized access to the components and the network particularly from
within the WAN/Internet.
Notice
We expressly point out that automation networks must be isolated from the rest of
the company network by suitable gateways (for example using tried and tested
firewall systems). We do not accept any liability whatsoever, whatever the legal
justification, for damage resulting from non-adherence to this notice.
B−44
Type of access
Community name
public
private
CP 443-1 for Industrial Ethernet / Manual Part B
C79000-G8976-C223−06
*)
Release 07/2010
Advertisement
Table of Contents
