Configuration and operation
4.8 Configuration of the CP in STEP 7 Professional
The security policy is a combination of one of the following security profiles and a security
procedure.
● Security profile
– No security profile
– Basic128Rsa15
– Basic256
– Basic256Sha256
If you enable several options, then depending on the settings on the communications
partner (client), the CP selects the profile with the the highest possible security.
● Security procedure
– Sign
– Sign and encrypt
● Anonymous access
– No access
– Read-only
– Read and write
Note
No connection with the "No access" option
When the Securityfunctions are enabled and the option "No access" is enabled with an
anonymous login, no connection is established. It is also not possible to browse the
address space.
In this case, a connection can only be established with a user name and password.
70
This corresponds to the Security profile "Basic128Rsa15" of the OPC UA
specification.
The CP uses signing and, if configured, 128-bit encryption.
This corresponds to the Security profile "Basic256" of the OPC UA specification.
The CP uses signing and, if configured, 256-bit encryption.
This corresponds to the Security profile "Basic256Sha256" of the OPC UA
specification.
The CP uses signing and, if configured, 256-bit encryption using the hash algorithm
SHA-256.
The CP only allows communication with signed frames.
The CP only allows communication with signed and encrypted frames.
The CP allows no access to the data of its OPC UA server.
The CP allows read access to the data of its OPC UA server.
The CP allows write access to the data of its OPC UA server.
Operating Instructions, 01/2017, C79000-G8976-C427-02
CP 443-1 OPC UA