Table of Contents
Advertisement
6.11
Possible security gaps on standard IT interfaces: preventing
unauthorized access
With various SIMATIC NET components, such as switches, a wide range of parameter
assignment and diagnostics functions (for example, Web servers, network management) are
available using open protocols and interfaces. The possibility of unauthorized misuse of
these open protocols and interfaces by third parties, for example to manipulate data, cannot
be entirely excluded.
When using the functions listed above and these open interfaces and protocols (for example,
SNMP, HTTP), you should take suitable security measures to prevent unauthorized access
to the components and the network particularly from within the WAN/Internet.
Note
We expressly point out that automation networks must be isolated from the rest of the
company network by suitable gateways (for example using tried and tested firewall systems).
We do not accept any liability whatsoever, whatever the legal justification, for damage
resulting from nonadherence to this notice.
If you have questions on the use of firewall systems and IT security, please contact your
local Siemens office or representative. You will find the address in the SIMATIC catalog IK PI
or on the Internet at the following address:
(http://www.automation.siemens.com/partner/guisearch.asp)
6.12
Programmed communication connections
6.12.1
Programmed communication connections with FB55 IP_CONFIG
Downloading the configuration using FB55 IP_CONFIG
IP_CONFIG allows programcontrolled transfer of the configuration data.
Note
If the CP is in PG STOP mode and the configuration is downloaded using IP_CONFIG, the
CP then changes automatically to RUN.
CP 343-1 Lean
Manual, 10/2012, C79000−G8976−C198−07
6.11 Possible security gaps on standard IT interfaces: preventing unauthorized access
Notes on configuration and operation
45
Advertisement
Table of Contents
