Download
Share
Print this page
Siemens SIMATIC NET RUGGEDCOM APE1808NOZ Configuration Manual
  1. Manuals
  2. Brands
  3. Siemens Manuals
  4. Network Hardware
  5. SIMATIC NET RUGGEDCOM APE1808NOZ
  6. Configuration manual
Siemens SIMATIC NET RUGGEDCOM APE1808NOZ Configuration Manual

Siemens SIMATIC NET RUGGEDCOM APE1808NOZ Configuration Manual

Networking components
Hide thumbs

Advertisement

Quick Links

Download this manual
Edition
03/2025
Configuration Manual
SIMATIC NET
Networking components
RUGGEDCOM APE1808NOZ
https://www.siemens.com/ruggedcom

Advertisement

loading
Need help?

Need help?

Do you have a question about the SIMATIC NET RUGGEDCOM APE1808NOZ and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Siemens SIMATIC NET RUGGEDCOM APE1808NOZ

Summary of Contents for Siemens SIMATIC NET RUGGEDCOM APE1808NOZ

  • Page 1 Edition 03/2025 Configuration Manual SIMATIC NET Networking components RUGGEDCOM APE1808NOZ https://www.siemens.com/ruggedcom...

  • Page 2: Simatic Net

    Preface Introduction Getting started SIMATIC NET Using the APE1808NOZ module Networking components RUGGEDCOM APE1808NOZ Updating the APE1808NOZ Troubleshooting and FAQ Configuration Manual 03/2025 C79000-G8976-1597-01...

  • Page 3: Legal Information

    Note the following: WARNING Siemens products may only be used for the applications described in the catalog and in the relevant technical documentation. If products and components from other manufacturers are used, these must be recommended or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and maintenance are required to ensure that the products operate safely and without any problems.

  • Page 4: Table Of Contents

    SIMATIC NET glossary ......................vi Registered trademarks ......................vi Warranty ..........................vi Training ..........................vi Customer support ........................vii Contacting Siemens ....................... vii Introduction ........................... 1 RUGGEDCOM APE1808NOZ ................... 1 Nozomi Guardian ....................2 1.2.1 Nozomi Guardian and APE1808NOZ ..............2 1.2.2...
  • Page 5 Table of contents Setting the BIOS Password .................. 24 Resetting the CLI and Web UI passwords ............. 25 Updating the APE1808NOZ ....................27 Updating Nozomi Guardian ................. 27 Backing up and restoring Nozomi Guardian ............27 Updating the BIOS ....................29 4.3.1 Changing the BIOS boot order ................

  • Page 6: Preface

    Siemens' products and solutions undergo continuous development to make them more secure. Siemens strongly recommends that product updates are applied as soon as they are available and that the latest product versions are used. Use of product versions that are no longer supported, and failure to apply the latest updates may increase customer's exposure to cyber threats.

  • Page 7: Simatic Net Glossary

    SIMATIC NET glossary The SIMATIC NET glossary describes special terms that may be used in this document. The glossary is available online via Siemens Industry Online Support (SIOS) at: https://support.industry.siemens.com/cs/ww/en/view/50305045 Registered trademarks The following and possibly other names not identified by the registered trademark sign ®...

  • Page 8: Customer Support

    Siemens Sales representative. Customer support Customer support is available 24 hours, 7 days a week for all Siemens customers. For technical support or general information, contact Siemens Customer Support through any of the following methods: Online Visit http://www.siemens.com/automation/support-request...
  • Page 9 Preface Contacting Siemens https://www.siemens.com viii RUGGEDCOM APE1808NOZ Configuration Manual, 03/2025, C79000-G8976-1597-01...

  • Page 10: Introduction

    Introduction The RUGGEDCOM APE (Application Processing Engine) is a miniature 64-bit computer designed to occupy a single line module slot in a RUGGEDCOM RX1500-series device. Paired with Nozomi Networks' Guardian software, the APE1808NOZ module allows you to passively monitor and visualize local network traffic, detect new assets communicating on the network, and detect potential cybersecurity threats.

  • Page 11: Nozomi Guardian

    The backplane port is an RJ45 Gigabit Ethernet (GbE) port that connects internally to the host RUGGEDCOM RX1500-series device. For technical specifications, installation instructions, and certification information, refer to the Modules Reference Manual [https://support.industry.siemens.com/cs/ww/ en/ps/21321/man] for the host device. Nozomi Guardian Guardian by Nozomi Networks is an embedded traffic analysis, asset management, and security utility.
  • Page 12 Introduction 1.2.1 Nozomi Guardian and APE1808NOZ Information collected by Nozomi Guardian about the network can be analyzed locally or forwarded to a Central Management Console (CMC) or Nozomi Vantage. A CMC provides operators with a consolidated view of all data collected from each Nozomi Guardian IDS in the field.
  • Page 13 Introduction 1.2.1 Nozomi Guardian and APE1808NOZ Operations center Application SIEM IDS Central Management server Console (CMC) Station router/firewall TLS encryption RX1500 with LAN-A LAN-B APE1808NOZ Mirror Figure 1.3 Sample topology that includes a CMC APE1808NOZ Ethernet ports The module features two RJ45 Gigabit Ethernet (GbE) ports. Switch fabric data plane Line module (10/100/1000Base-TX) RUGGEDCOM APE module...

  • Page 14: Nozomi Guardian Documentation

    Introduction 1.2.2 Nozomi Guardian documentation lgb1 (backplane) and mgmt (front) ports Figure 1.4 A RUGGEDCOM RX1500-series device with a RUGGEDCOM APE module installed Nozomi Guardian utilizes these ports as follows: • lgb1 port The internal lgb1 (or backplane) port connects directly to the host RUGGEDCOM RX1500-series device.

  • Page 15: License Renewal

    License renewal The APE1808NOZ module includes the licenses for Nozomi Guardian and any additional services that were purchased. At the end of the license period for each license, a new license must be purchased and activated via Siemens Customer Support. Note Upon license expiration, Nozomi grants subscribers up to three months to renew their subscription.

  • Page 16: Security Recommendations

    Introduction 1.3 Security recommendations 6GK6015-0SA00- X X X X Manufacturing option Standard Conformal coating Pre-installed feature Threat Intelligence Smart Polling, Threat Intelligence Asset Intelligence, Threat Intelligence Smart Polling, Threat Intelligence, Asset Intelligence Licenser term 1 year subscription, software, support 3 year subscription, software, support D 5 year subscription, software, support Software option Nozomi Guardian V100...
  • Page 17 • Make sure the latest firmware version is installed, including the latest security- related patches. For the latest information on security patches for Siemens products and security advisories, visit the CERT services website [https://new.siemens.com/global/ en/products/services/cert.html]. To stay informed about new product security advisories, consider registering for the Siemens ProductCERT mailing list or subscribing to the RSS feed.

  • Page 18: Available Services By Port

    Periodically audit the module to make sure it complies with these recommendations and/or any internal security policies. • Review the user documentation for other Siemens products used in coordination with RUGGEDCOM APE for further security recommendations. Available services by port...

  • Page 19: Decommissioning And Disposal

    Note For additional assistance in decommissioning the module, contact Siemens Customer Support. Recycling and disposal The module is low in pollutants, can be recycled, and meets the requirements of the WEEE directive 2012/19/EU for the disposal of electrical and electronic equipment.
  • Page 20 Introduction 1.5 Decommissioning and disposal For more information, refer to https://support.industry.siemens.com/cs/ww/en/ view/109479891. Note the different national regulations. RUGGEDCOM APE1808NOZ Configuration Manual, 03/2025, C79000-G8976-1597-01...
  • Page 21 Introduction 1.5 Decommissioning and disposal RUGGEDCOM APE1808NOZ Configuration Manual, 03/2025, C79000-G8976-1597-01...

  • Page 22: Getting Started

    Getting started This section describes how to set up, secure, and connect to the RUGGEDCOM APE module. This includes: To install and setup the APE1808NOZ module, do the following: Install and configure the module. This is only required if the module was purchased separately from the host RUGGEDCOM RX1500-series device.

  • Page 23: Installing And Configuring The Module

    Getting started 2.1 Installing and configuring the module Installing and configuring the module To install and configure the module for the first time, do the following: Note The following procedure is only required if the APE1808NOZ module was purchased separately from the RUGGEDCOM RX1500-series device. When purchased together, the APE1808NOZ module is installed and enabled at the factory.

  • Page 24: Assigning An Ip Address To The Mgmt Port

    Getting started 2.3 Assigning an IP address to the mgmt port Enter the following command to enter setup mode: setup Upon entering setup mode, you will be prompted to provide a new password for the admin profile. When prompted, enter a strong, unique password. From the setup menu, select X Exit.

  • Page 25: Activating A Nozomi Guardian License

    Nozomi Guardian can be deployed. Requirements Activation code • Provided by Siemens. • Nozomi Guardian machine ID The machine ID can be obtained from the module via the Nozomi Guardian Web To obtain the machine ID, do the following: Log in to the Nozomi Guardian Web UI.
  • Page 26 Getting started 2.5 Activating a Nozomi Guardian license Navigate to Administration » Updates and Licenses. Click Set new license for the Base license. A dialog box appears. Copy and record the machine ID. For more information, refer to Install a License [https:// technicaldocs.nozominetworks.com/products/n2os/topics/administration/ system/updates-licences/t_n2os_admin_system_updates-licenses_install.html? hl=license]...

  • Page 27: Configuring Port Mirroring

    Getting started 2.6 Configuring port mirroring Configuring port mirroring For Nozomi Guardian to receive traffic for analysis, make sure to first configure port mirroring on the host RUGGEDCOM RX1500-series device via RUGGEDCOM ROX. To configure port mirroring, do the following: On a PC with network connectivity to the host device's management port or physical access through the console port, access and log into the RUGGEDCOM ROX CLI or Web UI.

  • Page 28: Using The Ape1808Noz Module

    Using the APE1808NOZ module This section describes operations that are specific to the module itself, including: • Connecting to the module • Rebooting/powering down the module • Managing the USB ports • Managing storage media • Setting passwords Connecting to the module You can connect to the APE1808NOZ module either directly or remotely.

  • Page 29: Connecting Remotely

    Using the APE1808NOZ module 3.1.2 Connecting remotely NOTICE Security hazard – risk of unauthorized access Physical access to the module must be strictly controlled. Requirements • Monitor • USB keyboard • Cable with a DisplayPort connection end Procedure Connect a monitor and keyboard to the module. The following login prompt is displayed: N2OS –...

  • Page 30: Default Credentials

    Using the APE1808NOZ module 3.2 Installing/removing an SD card When prompted for a password, enter the password for the admin profile. Connecting remotely via HTTPS Connecting remotely via HTTPS grants access to Nozomi Guardian's Web UI. To connect remotely via HTTPS, do the following: Make sure the module is connected to the LAN via the mgmt port.

  • Page 31: Cleaning An Sd Card

    Using the APE1808NOZ module 3.3 Cleaning an SD card Enter the following command to enable the SD card slot: n2os-manage-sd -enable Insert the SD card into the slot. Reboot the module. Removing an SD card To properly remove the SD card, do the following: Access the Nozomi Guardian CLI.

  • Page 32: Unmounting A Usb Device

    Using the APE1808NOZ module 3.5 Unmounting a USB device Disabling the USB ports To disable the USB ports, do the following: Note Any devices connected to the module when the USB ports are disabled will be automatically unmounted. Access the Nozomi Guardian CLI remotely via SSH. For more information, refer to "Connecting to the module"...

  • Page 33: Setting The Bios Password

    To set the BIOS password, do the following: NOTICE Lost password If the BIOS password is lost, the module must be returned to Siemens for service. For more information, contact Siemens Customer Support. This service is not covered by warranty.

  • Page 34: Resetting The Cli And Web Ui Passwords

    Using the APE1808NOZ module 3.8 Resetting the CLI and Web UI passwords Enable Power On Password. Set the supervisor and power on password. Press F10 to save and reboot. Resetting the CLI and Web UI passwords To reset the Nozomi Guardian CLI and/or Web UI passwords, do the following: Connect a monitor and keyboard to the module.
  • Page 35 Using the APE1808NOZ module 3.8 Resetting the CLI and Web UI passwords RUGGEDCOM APE1808NOZ Configuration Manual, 03/2025, C79000-G8976-1597-01...

  • Page 36: Updating The Ape1808Noz

    Updating the APE1808NOZ This section describes how to update your APE1808NOZ module. Updating Nozomi Guardian Updating the software on your APE1808NOZ module must be done via Nozomi Guardian. For information about updating the Nozomi Guardian software, refer to the Software updates and rollbacks [https://technicaldocs.nozominetworks.com/products/ n2os/topics/maintenance/c_n2os_update-rollback_2.html] in Nozomi Guardian's...
  • Page 37 Updating the APE1808NOZ 4.2 Backing up and restoring Nozomi Guardian For more information, refer to "Installing/removing an SD card" (Page 21). Enter the following command to make sure the SD card does not already contain a backup file: zpool status Any error returned indicates the SD card already contains a backup file. Either start again with a different SD card or do the following: Clean the current SD card.

  • Page 38: Updating The Bios

    USB flash drive. Only when the module boots from the USB flash drive can the BIOS image be installed. BIOS images are available on the Siemens Industry Online Support (SIOS) website. They can be downloaded and saved directly to the USB flash drive, or placed on a secure, local server and downloaded by the upgrade tool during the installation process.

  • Page 39: Obtaining Ape Images

    4.3.2 Obtaining APE images 4.3.2 Obtaining APE images Images for your APE1808NOZ module, including the APE Software Upgrade Tool image, are available online at https://support.industry.siemens.com/cs/ww/en/ ps/21683/dl. A GPG signature is available for APE Software Upgrade Tool image to validate its authenticity. Note Do not change the filename of any APE image.
  • Page 40 Updating the APE1808NOZ 4.3.3 Updating the BIOS using the APE Software Upgrade Tool Flash the APE Software Upgrade Tool image to a USB flash drive. Using the image downloaded in step 1 (Page 30), create a bootable USB flash drive that can be used to update the module. The USB flash drive must have enough available memory to store the image and one APE software image.
  • Page 41 Updating the APE1808NOZ 4.3.3 Updating the BIOS using the APE Software Upgrade Tool IMAGEURL={ URL } Note If the URL is invalid or the apeflash.conf file is not detected during the installation process, the APE Software Upgrade Tool will automatically search the NTFS partition on the USB flash drive for an APE software image.

  • Page 42: Creating A Bootable Usb Flash Drive

    Updating the APE1808NOZ 4.3.4 Creating a bootable USB flash drive 4.3.4 Creating a bootable USB flash drive A bootable USB flash drive is required by the APE Software Upgrade Tool to update the BIOS on the RUGGEDCOM APE. Requirements • The latest firmware version of Kali Linux (https://www.kali.org/get-kali/#kali-live). •...

  • Page 43: Available Update Commands

    Updating the APE1808NOZ 4.3.5 Available update commands Under Target system, select BIOS (or UEFI-CSM). Click Start and wait for the application to complete the conversion process. At the end, the USB flash drive will be a bootable device. 4.3.5 Available update commands The following commands are available at the root@upg-stick prompt when using the APE Software Upgrade Tool: Command:...

  • Page 44: Troubleshooting And Faq

    Troubleshooting and FAQ The following describes select troubleshooting scenarios and frequently asked questions. For additional support, contact Siemens Customer Support. General troubleshooting The following describes potential solutions for common problems. Problem: Module does not boot Solution: If a RUGGEDCOM APE module does not boot up, it may be caused by one of the following issues: •...
  • Page 45 Troubleshooting and FAQ 5.1 General troubleshooting the syslog file contains no messages reflecting an improper boot of the RUGGEDCOM APE, return the RUGGEDCOM APE to Siemens. Note The last boot may have occurred some time in the past and may no longer be recorded in the syslog. If this is the case, restart the module to add entries to the syslog.
  • Page 46 For more information Siemens RUGGEDCOM https://www.siemens.com/ruggedcom Industry Online Support (service and support) https://support.industry.siemens.com Industry Mall https://mall.industry.siemens.com Siemens Canada Ltd. Digital Industries Process Automation 300 Applewood Crescent Concord, Ontario, L4K 4E5 Canada © 2025 Siemens Canada Ltd. Subject to change...