Table of Contents
Advertisement
Considerations
Out-of-the-box, the module functions just like a 1756-EN2T module, except
that the module does not support the following:
• Integrated motion on EtherNet/IP networks
• ControlLogix® redundancy systems
• SIL 2 applications
• Email capabilities
• EtherNet/IP socket interface
Once security is enabled, modules like POINT I/O™ adapters, FLEX™ I/O
adapters, and PowerFlex® drives are not able to establish a secure connection
because they do not support secure tunnels.
When security is enabled, the module connects with:
• Upper level systems and user workstations with Windows 7 operating
systems
• Stratix 5900™ Services Router
• Cisco ASA security appliances
• Other 1756-EN2TSC modules
The module supports the current versions of common web browsers, such as
Internet Explorer (8 and 9). For security reasons, Secure Sockets Layer (SSL) 2.0
and 3.0 are disabled in the module. Browsers must enable support for Transport
Layer Security (TLS) 1.2.
The 1756-EN2TSC module lets only those devices with proper credentials
access the module. This module is intended for use behind an existing
firewall/DMZ that help protects the plant network from outside access.
To minimize complexity, the module supports the following authentication and
encryption methods.
• IPsec technology with as many as eight VPN tunnels (only one of which
can be a VPN appliance.
• Mobile Client
• Pre-shared key authentication
• AES encryption (128 bit, 192 bit, and 256 bit)
Rockwell Automation Publication ENET-UM003C-EN-P - November 2015
Secure Communication Architecture
Chapter 1
11
Advertisement
Table of Contents
