Industrial cybersecurity
4.9 Secure operation of CPUs
S7-1500R/H redundant system
56 System Manual, 01/2024, A5E41814787-AF
4.9.11.1 Transfer the syslog messages to a syslog server
Requirements
If you want to transfer the syslog messages of a CPU to a syslog server, the following
requirements must be met:
• STEP 7 as of version V19
• CPU as of FW version V3.1
• A project has been created in STEP 7
• The device or network view of STEP 7 is open
Procedure
To configure the CPU to transfer syslog messages to a syslog server, follow these steps:
1. Select the required CPU in the device or network view of STEP 7.
2. In the Inspector window, navigate to "Properties > Protection & Security > Syslog > Syslog
server".
3. In the "Connection to syslog server" area, select the "Enable transfer of syslog messages to a
syslog server" option. The selection options below become editable.
4. Select one of the following options from the "Transport protocol" drop-down list:
– "Transport Layer Security (TLS) - server and client authentication": Encrypted data
transfer, syslog server and client (CPU) must authenticate themselves.
– "Transport Layer Security (TLS) - only server authentication": Encrypted data transfer,
only the syslog server needs to authenticate itself.
– "UDP": Unencrypted data transfer, syslog server and client (CPU) do not need to
authenticate themselves.
In the next sections you can read how to select the certificates for authentication (logon)
depending on the settings specified.
5. In the "Addresses of the syslog servers" column, enter a valid server address.
6. In the "Port" column, enter one of the following port numbers depending on the transport
protocol used:
– Standard TCP port for TLS: 6514
– Standard UDP port: 514
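
Added example (not part of the Siemens manual): a Python sketch of the receiving side, showing which client-certificate policy the syslog server needs for each "Transport protocol" option and checking a planned server row against the standard ports in step 6. The function names and the certificate file parameters are assumptions made for this illustration.

```python
import ssl

# Option names exactly as shown in the "Transport protocol" drop-down list.
TLS_MUTUAL = "Transport Layer Security (TLS) - server and client authentication"
TLS_SERVER_ONLY = "Transport Layer Security (TLS) - only server authentication"
UDP = "UDP"

# Standard ports from step 6 of the procedure.
STANDARD_PORT = {TLS_MUTUAL: 6514, TLS_SERVER_ONLY: 6514, UDP: 514}


def receiver_tls_context(transport, certfile=None, keyfile=None, client_ca=None):
    """Build the TLS context a syslog server needs for the CPU's transport.

    Returns None for UDP. The file paths are hypothetical parameters; when
    they are omitted, only the authentication policy is set.
    """
    if transport not in STANDARD_PORT:
        raise ValueError(f"unknown transport: {transport!r}")
    if transport == UDP:
        return None  # plain datagram socket, no TLS layer
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if certfile:
        ctx.load_cert_chain(certfile, keyfile)  # server authenticates itself
    if transport == TLS_MUTUAL:
        # The CPU must present a certificate, so the server has to demand one.
        ctx.verify_mode = ssl.CERT_REQUIRED
        if client_ca:
            ctx.load_verify_locations(cafile=client_ca)
    else:
        # Only the server authenticates; no client certificate is requested.
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_target(transport, port):
    """Return findings for one planned row of the syslog server table."""
    if transport not in STANDARD_PORT:
        raise ValueError(f"unknown transport: {transport!r}")
    findings = []
    if not 1 <= port <= 65535:
        findings.append(f"port {port} is outside 1-65535")
    elif port != STANDARD_PORT[transport]:
        findings.append(f"port {port} is not the standard port "
                        f"{STANDARD_PORT[transport]} for this transport")
    if transport == UDP:
        findings.append("UDP: messages are unencrypted and neither side authenticates")
    return findings
```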