Protection
11.1
Overview of the protection functions
Introduction
This section describes the functions for protection from unauthorized access:
• Protection of confidential configuration data
• Access protection
• Know-how protection
• Protection by locking the CPUs
Other CPU protective measures
The following measures provide extra protection against unauthorized access from external
sources and through the network:
• Do not activate the Web API of the Web server.
• Do not activate the OPC UA server. You can find more information on the security
mechanisms for the OPC UA server in the Communication
(https://support.industry.siemens.com/cs/ww/en/view/59192925) Function Manual.
• Do not activate time-of-day synchronization over NTP servers.
• Do not activate PUT/GET communication.
11.2
Protection of confidential configuration data
As of STEP 7 V17, you have the option of assigning a password for protecting confidential
configuration data of the respective CPU. This refers to data such as private keys that are
required for the proper functioning of certificate-based protocols.
You can find detailed information on protecting confidential configuration data in the
Communication (https://support.industry.siemens.com/cs/ww/en/view/59192925) function
manual.
341
11
S7-1500R/H redundant system
System Manual, 01/2024, A5E41814787-AF