GE B30 Instruction Manual page 154
Ur series bus differential system protection relay
Hide thumbs
Also See for B30:
- Instruction manual (633 pages) ,
- Communications manual (532 pages) ,
- Technical reference manual (252 pages)
Table of Contents
Advertisement
5.2 PRODUCT SETUP
Supervisory
PATH: SETTINGS
PRODUCT SETUP
SUPERVISORY
The Supervisory menu settings are available for Supervisor role only or if the Supervisor role is disabled then for the
Administrator role only.
DEVICE AUTHENTICATION: This setting is enabled by default, meaning "Yes" is selected. When enabled, Device Authen-
5
tication with roles is enabled. When this setting is disabled, the UR only authenticates to the AAA server (Radius). How-
ever, the Administrator and Supervisor (when enabled) remain active even after device authentication is disabled and their
only permission is to re-enable device authentication. To re-enable device authentication, the Supervisor unlocks the
device for setting changes, then the Administrator re-enables device authentication.
BYPASS ACCESS: The bypass security feature provides an easier access, with no authentication and encryption for those
special situations when this is considered safe. Only the Supervisor, or the Administrator when the Supervisor role is dis-
abled, can enable this feature.
MODE
Normal mode
Bypass access mode
The bypass options are as follows:
•
Local — Bypasses authentication for push buttons, keypad, RS232, and RS485
•
Remote — Bypasses authentication for Ethernet
•
Local and Remote — Bypasses authentication for push buttons, keypad, RS232, RS485, and Ethernet
When CyberSentry is enabled, Modbus communications over Ethernet is encrypted, which is not always tolerated by
SCADA systems. The UR has the Bypass Access feature for such situations, which allows unencrypted Modbus over
Ethernet. Setting it to "Remote" ensures no authentication is required over Ethernet and Modbus communication is unen-
crypted. Only a Supervisor or Administrator (if Supervisor role is disabled) can enable this feature. Note that other protocols
(DNP, 101, 103, 104, EGD) are not encrypted, and they are good communications options for SCADA systems when
CyberSentry is enabled.
LOCK RELAY: This setting uses a Boolean value (Enable/Disable) to indicate if the device accepts setting changes and
whether the device can receive a firmware upgrade. This setting can be changed only by the Supervisor role, if it is enabled
or by the Administrator if the Supervisor role is disabled. The Supervisor role enables this setting for the relay to start
accepting setting changes or command changes or firmware upgrade. After all the setting changes are applied or com-
mands executed, the Supervisor disables to lock setting changes.
5-20
SECURITY
SUPERVISORY
DEVICE
AUTHENTICATION:Yes
BYPASS ACCESS:
MESSAGE
Disabled
LOCK RELAY:
MESSAGE
Disabled
FACTORY SERVICE:
MESSAGE
MODE: Disabled
SELF TESTS
MESSAGE
SUPERVISOR ROLE:
MESSAGE
Disabled
SERIAL INACTIVITY
MESSAGE
TIMEOUT: 1 min
FRONT PANEL OR SERIAL (RS232, RS485)
Authentication — Role Based Access Control (RBAC)
and passwords in clear
No passwords for allowed RBAC levels
B30 Bus Differential System
Range: Yes, No
Range: Local, Remote, Local and Remote, Disabled
Range: Enabled, Disabled
Range: Enabled, Disabled
See below
Range: Enabled, Disabled
Range: 1 to 9999 minutes
ETHERNET
Authentication — RBAC and passwords encrypted
SSH tunneling
No passwords for allowed RBAC levels
No SSH tunneling
5 SETTINGS
GE Multilin
Advertisement
Table of Contents
