Introduction - Siemens SCALANCE S615 Manual

Nat variants
Hide thumbs Also See for SCALANCE S615:
Table of Contents

Advertisement

1 Introduction

Introduction
1
Starting situation
The SCALANCE S615 is a module from the security module product line and
protects industrial networks and automation systems against unauthorized access.
Thanks to its diverse features, the security module enables protection of different
network topologies and flexible implementation of security concepts:
The option of VLAN structuring of its five Ethernet ports provides protection
against DoS attacks and unauthorized access.
Access to the device and the adjacent network can be protected by a firewall
and VPN.
Due to the configuration as a NAT router, the IP addresses of the industrial
networks or automation systems can be hidden from the outside world. In
addition, the IP address range can be used by multiple closed private networks
without causing address collisions.
Motivation for this documentation
Use of the SCALANCE S615 as a router and simultaneous support of common
NAT mechanisms provide numerous options for accessing the internal network or
automation system to be protected:
Static routing
NAPT
NAT
NETMAP
IP masquerading
Static routing is always preferable over all other NAT variants. Depending on the
use case, NAT requires significant extra effort in terms of configuration and
handling.
However, some configurations cannot be solved using routing, for example, if no
gateway is desired. In these cases, a suitable NAT method must be used.
NAT_S615
Entry ID: 109744660,
V1.1,
08/2017
4

Advertisement

Table of Contents
loading

Table of Contents