Siemens S7-1500 Operating Instructions Manual page 32

Simatic net

Hide thumbs Also See for S7-1500:

System manual (523 pages)

Function manual (402 pages)

Manual (188 pages)

Table Of Contents

Table of Contents

Configuration, programming

4.1 Security recommendations

Security functions of the product

Use the options for security settings in the configuration of the product. These includes

among others:

● Protection levels

Configure access to the CPU under "Protection and Security".

● Security function of the communication

– Enable the security functions of the CP and set up the firewall.

– Use the secure protocol variants HTTPS, FTPS, NTP (secure) and SNMPv3.

– Use the program blocks for secure OUC communication (Secure OUC).

– Leave access to the Web server of the CPU (CPU configuration) and to the Web

● Protection of the passwords for access to program blocks

Protect the passwords stored in data blocks for the program blocks from being viewed.

You will find information on the procedure in the STEP 7 information system under the

keyword "Know-how protection".

● Logging function

Enable the function in the security configuration and check the logged events regularly for

unauthorized access.

Passwords

● Define rules for the use of devices and assignment of passwords.

● Regularly update the passwords to increase security.

● Only use passwords with a high password strength. Avoid weak passwords for example

"password1", "123456789" or similar.

● Make sure that all passwords are protected and inaccessible to unauthorized personnel.

See also the preceding section for information on this.

● Do not use one password for different users and systems.

Protocols

Secure and non-secure protocols

● Only activate protocols that you require to use the system.

● Use secure protocols when access to the device is not prevented by physical protection

measures.

If you connect to public networks, you should use the firewall. Think about the services

you want to allow access to the station via public networks. By using the "bandwidth

restriction" of the firewall, you can restrict the possibility of flooding and DoS attacks.

The FETCH/WRITE functionality allows you to access any data of your PLC. The

FETCH/WRITE functionality should not be used in conjunction with public networks.

server of the CP disabled.

Operating Instructions, 05/2017, C79000-G8976-C289-07

CP 1543-1

Table of Contents

Show Quick Links

Quick Links:
Product Data
Installing and Commissioning the Cp 1543-1
Network Settings

Hide quick links:

Table of Contents

This manual is also suitable for:

Cp 1543-1

Siemens S7-1500 Operating Instructions Manual page 32

Hide quick links:

Related Manuals for Siemens S7-1500

Related Products for Siemens S7-1500

This manual is also suitable for:

Table of Contents