Date Code 20171006 Instruction Manual SEL-400 Series Relays
Instruction Manual
APPENDIX C
Cybersecurity Features
The SEL-400 series relays have a number of security features to assist users with
meeting their cybersecurity design requirements.
Ports and Services
Physical Ports
SEL-400 series relays include four serial ports and as many as four Ethernet
ports. Each physical serial port and Ethernet port can be individually disabled
using the EPORT setting. By default, all of the ports are enabled.
SEL recommends that unused communications ports be disabled.
SEL-400 series relays with a TiDL configuration also have eight EtherCAT ports.
These are always enabled, but they have a very limited functionality, as described
below.
IP Ports
When using Ethernet, there are a number of possible IP ports available within the
relay. Many of these IP port numbers are configurable. All IP ports can be dis-
abled and are disabled by default. Table C.1 describes each of these.
Note that IP traffic is only supported on station bus ports, so process bus ports
have no open IP ports. See Ethernet Communications on page 15.6 for more infor-
mation on these settings.
Ta b l e C .1 I P Por t Num bers
IP Port
Default
Port
Selection
Setting
Network
Protocol
Default Port
State
Port Enable
Setting
Purpose
21 -- TCP Disabled FTPSERV FTP protocol access for file transfer of settings and reports
23 TPORT TCP Disabled ETELNET Telnet access for general engineering terminal access
80 HTTPPOR TCP Disabled EHTTP Web server access to read various relay information
102 -- TCP Disabled E61850 IEC 61850 MMS for SCADA functionality
123 SNTPPOR UDP Disabled ESNTP SNTP time synchronization
319/320 -- UDP Disabled EPTP PTP time synchronization
4712/ 4713 PMOTCP1/
PMOUDP1
TCP/UDP Disabled PMOTS1 Synchrophasor data output, session 1
4712/ 4713 PMOTCP2/
PMOUDP2
TCP/UDP Disabled PMOTS2 Synchrophasor data output, session 2
20000 DNPPNUM TCP/UDP Disabled EDNP DNP3 for SCADA functionality
To Next Page
Loading...
