Siemens ET 200SP Operating Instructions Manual page 16

Industrial ethernet

Hide thumbs Also See for ET 200SP:

System manual (320 pages)

Manual (270 pages)

Operating instructions manual (166 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

page of 122

/ 122
Contents
Table of Contents
Bookmarks

Table of Contents

Application and functions

1.6 Security functions (CP 1542SP-1 IRC, CP 1543SP-1)

● Secure telecontrol communication

The telecontrol protocols provide the following Security functions:

– TeleControl Basic

– DNP3

Security functions of the CP 1543SP-1

With Industrial Ethernet Security, individual devices, automation cells or network segments

of an Ethernet network can be protected. The data transfer via the CP 1543SP-1 can be

protected from the following attacks by a combination of different security measures:

● Data espionage

● Data manipulation

● Unauthorized access

Secure underlying networks can be operated via additional Ethernet/PROFINET interfaces of

the CPU.

As a result of using the CP, as a security module, the following security functions are

accessible to the ET 200SP station on the interface to the Ethernet network:

● Firewall

The firewall protects the device with:

– IP firewall with stateful packet inspection (layer 3 and 4)

– Firewall also for "non-IP" Ethernet frames according to IEEE 802.3 (layer 2)

– Limitation of the transmission speed ("Bandwidth limitation")

● Certificates

For the secure authentication of the communications partners, certificates are used.

● Communication made secure by IPsec tunnels (VPN)

VPN tunnel communication allows the establishment of secure IPsec tunnels for

communication with one or more security modules. The CP can be put together with

other modules to form VPN groups during configuration. IPsec tunnels (VPN) are created

between all security modules of a VPN group.

● Logging

To allow monitoring, events can be stored in log files that can be read out using the

configuration tool or can be sent automatically to a Syslog server.

● NTP (secure)

For secure transfer during time-of-day synchronization

As an integrated security function, the telecontrol protocol encrypts the data for

transfer between the CP and telecontrol server. The interval for the key exchange

between CP and telecontrol server is set to 1 hour.

The telecontrol password is used to authenticate the CP with the telecontrol server

The CP supports the Security mechanisms listed in the specification.

CP 1542SP-1, CP 1542SP-1 IRC, CP 1543SP-1

Operating Instructions, 01/2017, C79000-G8976-C426-03

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

Cp 1542sp-1 Cp 1542sp-1 irc Cp 1543sp-1

Siemens ET 200SP Operating Instructions Manual page 16

Hide quick links:

Related Manuals for Siemens ET 200SP

Related Products for Siemens ET 200SP

This manual is also suitable for:

Table of Contents