EasyManua.ls Logo

Schweitzer Engineering Laboratories SEL-751 - Table M.1 IP Port Numbers

Schweitzer Engineering Laboratories SEL-751
934 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Date Code 20170927 Instruction Manual SEL-751 Relay
Appendix M
U.Instruction Manual
Cybersecurity Features
The SEL-751 provides a number of features to help meet cybersecurity design
requirements.
Access Control
The SEL-751 has a number of mechanisms for managing electronic access.
These include ways to limit access, provide user authentication, and monitor
electronic and physical access.
Physical Port
Controls
Each physical serial port and the Ethernet port can be individually disabled
using the EPORT setting. By default, all of the ports are enabled. It is good
security practice to disable unused ports.
IP Ports
When using Ethernet, there are a number of IP ports available within the
SEL-751. Many of these IP port numbers are configurable. All IP ports can be
disabled. Table M.1 describes each of these.
See PORT 1 on page 4.189 and Ethernet Port on page 7.3 for more
information on these settings.
Authentication and
Authorization
The SEL-751 supports four levels of access, as described in Access Levels on
page 7.17. Refer to this section to learn how each level is accessed and how to
change passwords. It is good security practice to change the default passwords
of each access level and to use a unique password for each level.
The MAXACC setting limits the level of access for each port. This permits
you to operate under the principle of “least privilege”, restricting ports to the
levels necessary for the functions performed on those ports.
Ta b l e M .1 IP Po r t N u m be rs
IP Port
Default
Port
Selection
Setting
Network
Protocol
Default
Port
State
Port
Enable
Setting
Purpose
21 -- TCP Disabled EFTPSERV FTP protocol access for file transfer of settings and reports
23 TPORT TCP Disabled ETELNET Telnet access for general engineering terminal access
102 -- TCP Disabled E61850 IEC 61850 MMS for SCADA functionality
123 SNTPPORT UDP Disabled ESNTP SNTP time synchronization
502 MODNUM1/
MODNUM2
TCP Disabled EMOD MODBUS for SCADA functionality
4712/
4713
PMOTCP1/
PMOUDP1
TCP/UDP Disabled PMOTS1 Synchrophasor data output, session 1
4722/
4713
PMOTCP2/
PMOUDP2
TCP/UDP Disabled PMOTS2 Synchrophasor data output, session 2
20000 DNPNUM TCP/UDP Disabled EDNP DNP for SCADA functionality

Table of Contents

Related product manuals