Service Bridge – Setup and Configuration
Entry ID: 109747975, V1.4, 05/2019
Siemens AG 2019 All rights reserved
4.2 Operational reliability and IT Security
The settings for increasing operational safety are based on the "Defense in Depth"
philosophy.
This means that several independent protection measures are applied one after
another, so that an attacker has to invest time and effort again for each
protection measure.
4.2.1 System configuration
The ways of accessing the device are configured in the configuration overview in
the "System > Configuration" menu. For security reasons, unencrypted protocols
and some services have been disabled. The following settings are provided for the
Service Bridge:
Figure 4-6: System > Configuration
(1) The "Telnet Server" service for unencrypted access to the CLI (Command Line
Interface) via the Ethernet ports is disabled.
(2) The "HTTPS Server only" function is enabled, i.e. access to the WBM is only
supported via HTTPS. Access via HTTP is disabled.
(3) Access to the "DCP Server" (Discovery and Configuration Protocol) is set to
"Read-Only", i.e. the device parameters are write-protected. They can be read
via DCP but not modified.
(4) The function "SNMP" (Simple Network Management Protocol) is set to
"SNMPv3", which means that access to the device parameters is only possible
with SNMP Version 3. SNMPv1/v2c are disabled.
(5) The "SINEMA Configuration Interface" function is disabled, i.e. no loading
procedures are possible via PCS 7 or STEP 7 Basic / Professional.
PRONETA and the Primary Setup Tool use DCP for resets and for assigning
network parameters. Because the DCP server is set to Read-Only, these
functions are not available.
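Settings (1), (2) and (4) can be confirmed from the network side after the configuration has been loaded. The following Python script is an added example, not part of the Siemens document: it reports a finding if Telnet or HTTP accept a connection, if HTTPS is unreachable, or if an SNMPv1/v2c request is answered. It assumes the default ports 23, 80, 443 and 161, assumes that a disabled HTTP server refuses connections on its port, and uses "public" only as a sample community string; settings (3) and (5) are not covered and have to be checked in the WBM.

```python
import socket

def tlv(tag, body):  # BER tag-length-value, short-form length only
    return bytes([tag, len(body)]) + body

def snmp_get_request(version, community):
    """GetRequest for sysDescr.0; version 0 = SNMPv1, 1 = SNMPv2c."""
    oid = bytes.fromhex("2b06010201010100")  # 1.3.6.1.2.1.1.1.0
    varbinds = tlv(0x30, tlv(0x30, tlv(0x06, oid) + tlv(0x05, b"")))
    pdu = tlv(0xA0, tlv(0x02, b"\x01") + tlv(0x02, b"\x00") * 2 + varbinds)
    header = tlv(0x02, bytes([version])) + tlv(0x04, community.encode())
    return tlv(0x30, header + pdu)

def tcp_accepts(host, port, timeout=1.0):
    """True if a TCP handshake with host:port completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, unreachable or timed out
        return False

def snmp_answers(host, version, community, port=161, timeout=1.0):
    """True if any datagram comes back for an SNMPv1/v2c GetRequest."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(snmp_get_request(version, community), (host, port))
            s.recvfrom(4096)
            return True
        except OSError:  # silence is the expected result with SNMPv3 only
            return False

def audit(host, communities=("public",), telnet=23, http=80, https=443,
          snmp=161, timeout=1.0):
    """Return deviations from settings (1), (2) and (4); [] means none seen."""
    findings = []
    if tcp_accepts(host, telnet, timeout):
        findings.append("(1) Telnet server accepts connections")
    if tcp_accepts(host, http, timeout):  # assumption: disabled HTTP = closed port
        findings.append("(2) HTTP port accepts connections")
    if not tcp_accepts(host, https, timeout):
        findings.append("(2) HTTPS port is not reachable")
    # Agents also stay silent for unknown communities, so pass the community
    # strings that were in use on the device; "public" is only a sample value.
    for community in communities:
        for version, name in ((0, "SNMPv1"), (1, "SNMPv2c")):
            if snmp_answers(host, version, community, snmp, timeout):
                findings.append(f"(4) {name} request was answered")
    return findings
```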