Configuration and operation
6.10 Security
CP 443-1 Advanced (GX30)
82 Manual, 03/2019, C79000-G8976-C256-05
Activating IP access protection
Dynamically expanding the IP access protection list with the firewall deactivated
If security is activated while the firewall is deactivated, there is no IP access protection. In
other words IP access in this device status is not restricted to the IP addresses entered in
the IP access protection list.
Nevertheless, even in this device status, it is possible to expand the list for IP access
protection dynamically if you have suitable user rights. As result of this action, the added
entries are displayed in STEP 7 special diagnostics. Access protection is, however, only
effective when the firewall is activated.
Solution:
Activate the firewall in the configuration. With this, the blocking of access for IP addresses
not entered in the list becomes effective.
Importing certificates for SMTP with STARTTLS or FTPS
Certificate for authentication
To import a certificate you need to enable the security functions of the CP in STEP 7.
You import the certificate using the certificate manager in STEP 7. Follow the steps outlined
below:
1. Open the certificate manager.
– STEP 7 V5 / SCT: "Options" > "Certificate manager...".
– STEP 7 Professional: “Global security settings > Certificate manager”
2. Import the certificate that you stored previously in the file system of the PG / engineering
station.
– STEP 7 V5 / SCT: “Import”
– STEP 7 Professional: In the certificate table, open the shortcut menu "Import" (right
mouse button).
Security and STEP 7 special diagnostics activated - configuration activities
blocked
Modules with activated security configuration
Note the following behavior on modules with an activated security configuration:
Initial situation:
In HW Config, you open the "Module Information" dialog with the <Ctrl + d> keyboard
shortcut. From here, you can start STEP 7 special diagnostics.
To Next Page
Need help?
General
