Siemens SIMATIC RF185C Operating Instructions Manual page 11

● The following algorithms are supported for encryption:
● The following cipher suites are supported for HTTPS:
Firmware encryption
The firmware itself is signed and encrypted. This ensures that only authentic firmware can be
downloaded to the device.
Secure/non-secure protocols
● Check whether it is necessary to use SNMPv1. SNMPv1 is classified as non-secure.
Make use of the possibility to prevent write access. The product offers corresponding
settings for this.
● If SNMP is activated, change the community names. If unrestricted access is not
necessary, limit access via SNMP.
● Use secure protocols if access to the device is not protected by means of physical
safeguards.
The following protocols provide secure alternatives:
HTTP → HTTPS
● To prevent unauthorized access to the device or network, set up appropriate safeguards
against non-secure protocols.
● Enable only the services (protocols) that will actually be used on the device. The same
applies to the installed interfaces/ports. Unused ports could be used to access the
network downstream from the device.
SIMATIC RF185C, RF186C, RF188C, RF186CI, RF188CI
Operating Instructions, 04/2020, C79000-G8976-C512-03
Protocol
Web browser
OPC UA
OpenSSL name
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-CBC-SHA256
ECDHE-RSA-AES256-CBC-SHA384
Supported
signature algorithms
SHA1
SHA256 with RSA
SHA384 with RSA
SHA512 with RSA
SHA256 with RSA
SHA384 with RSA
SHA512 with RSA
Value
0x2F
0x30
0x27
0x28
Security recommendations
Supported key
and size
RSA 2048 bit
RSA 4096 bit
RSA 2048 bit
RSA 4096 bit
Browser
Chrome, Firefox
Chrome, Firefox
Internet Explorer 11
Internet Explorer 11
11