Additional Protective Measures For Network Security; Remote Access To Cpu; Using A Web Server; Recording Security Events - Siemens SIMATIC S7-1500 System Manual

Industrial cybersecurity
4.9 Secure operation of CPUs

4.9.8 Additional protective measures for network security

To secure a CPU via further measures, the following options are available:
• Use of the CP 1543-1 with security functions
The use of an Ethernet CP provides you with additional access protection through a
firewall and the option of establishing secure VPN connections. See also the operating
instructions SIMATIC NET: S7-1500 - Industrial Ethernet CP 1543-1
(https://support.industry.siemens.com/cs/us/en/view/67700710).
• Various measures increase protection against unauthorized access to functions and data
of the CPU from external sources and via the network. For information on the protection
functions, refer to the Overview of protective functions (Page 341) section, under Further
measures for protection of the CPU.
• You can find information on network security and network components for protection
against unauthorized access in the Network security section of the PROFINET Function
Manual (https://support.industry.siemens.com/cs/ww/en/view/49948856).

4.9.9 Remote access to CPU

4.9.9.1 Using a Web server

When using Web servers, traditional firewalls are no longer sufficient to protect modern
networks.
Information about potential risks when using Web servers can be found in the Web server
Function Manual (https://support.industry.siemens.com/cs/ww/en/view/59193560).

4.9.10 Recording Security events

Syslog storage
Syslog stands for "System Logging Protocol", a standard for storing, transmitting and
collecting log messages triggered by security events. Predefined events in a network device
are collected as security events in the device (syslog client) and stored as syslog messages in
the local cache.
A syslog server collects and categorizes syslog messages, which can then be analyzed and
filtered and displayed in various ways. Additionally, notifications for critical events can be
configured.
These security events are collected in the CPU diagnostic buffer:
• Going online with the correct or incorrect password
• Manipulated communication data detected
• Manipulated data detected on memory card
• Manipulated firmware update file detected
• Changed protection level (access protection) downloaded to the CPU
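
The collect, categorize and notify steps a syslog server performs, as an added example that is not part of the Siemens manual. It assumes the messages arrive in RFC 5424 format; the host name, APP-NAME, MSGID values and message texts in the sample are constructed and only modeled on the event list above.

```python
import re
from collections import Counter

# RFC 5424: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD [MSG]
RFC5424 = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ver>[1-9]\d{0,2}) (?P<ts>\S+) (?P<host>\S+) "
    r"(?P<app>\S+) (?P<procid>\S+) (?P<msgid>\S+) "
    r"(?P<sd>-|(?:\[(?:[^\]\\]|\\.)*\])+)(?: (?P<msg>.*))?$"
)
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Constructed sample input. The message texts mirror the event list above and
# are NOT the CPU's actual wire format. Facility 10 = security/authorization.
SAMPLE = [
    '<86>1 2024-01-15T08:12:03Z plc-01 cpu - LOGIN - Going online with correct password',
    '<84>1 2024-01-15T08:12:41Z plc-01 cpu - LOGIN - Going online with incorrect password',
    '<82>1 2024-01-15T08:13:05Z plc-01 cpu - INTEGRITY [origin ip="192.0.2.10"] '
    'Manipulated firmware update file detected',
    'Jan 15 08:13:09 plc-01 legacy line without RFC 5424 header',
]

def parse(line):
    """Return one message as a dict, or None if it is not valid RFC 5424."""
    m = RFC5424.match(line.strip())
    if m is None or int(m["pri"]) > 191:  # PRI = facility * 8 + severity
        return None
    event = m.groupdict()
    facility, severity = divmod(int(m["pri"]), 8)
    event.update(facility=facility, severity=SEVERITIES[severity], msg=m["msg"] or "")
    return event

def triage(lines, notify_at="crit"):
    """Count messages per severity and pick out those that need a notification."""
    limit = SEVERITIES.index(notify_at)
    counts, notify, rejected = Counter(), [], 0
    for line in lines:
        event = parse(line)
        if event is None:
            rejected += 1  # malformed input is counted, never silently dropped
            continue
        counts[event["severity"]] += 1
        if SEVERITIES.index(event["severity"]) <= limit:
            notify.append(event)
    return counts, notify, rejected

if __name__ == "__main__":
    counts, notify, rejected = triage(SAMPLE)
    print(dict(counts), [e["msgid"] for e in notify], "rejected:", rejected)
```

Lowering `notify_at` to `"warning"` would also raise a notification for the incorrect-password event.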
52
S7-1500R/H redundant system
System Manual, 01/2024, A5E41814787-AF
