Configuring basic firewall settings For basic firewall configuration information, refer to the Firewall WBM topic in the main PLCnext Technology ‑ Info Center. Log in to the WBM. Return to topicHow do I get to the WBM again? Click here for more information… Establishing a connection to the Web-based… Read More
Security logging Log in to the WBM. Return to topicHow do I get to the WBM again? Click here for more information… Establishing a connection to the Web-based Management (WBM): Open a web browser on your computer. In the address field, enter the URL… Read More
Checking SD card settings Note: Make sure that the Security Profile is activated before you start encrypting the SD card. For BPC 9102S and RFC 4072S When using a BPC 9102S or RFC 4072S, the use of an external SD card is mandatory. In a security context, you must use encrypted SD cards. Make… Read More
Activating HMI Activating PLCnext Engineer HMI For information on how to create a PLCnext Engineer HMI application, refer to the topic Creating a PLCnext Engineer HMI application in the PLCnext Technology ‑ Info Center. For information on user roles and permissions, refer to the User Authentication WBM topic in the main PLCnext Technology ‑ Info Center. Before you can use an HMI application… Read More
Use cases and security context PLCnext Technology is supporting different security use cases: Openness is the leading approach, security is not a leading requirement: Industrial Security application note (AH EN INDUSTRIAL SECURITY) must be considered Security is an overall system design requirement, and is ensued by the system… Read More
Activating PROFINET A large port range is required for the use of PROFINET as the system automatically selects the required ports depending on the network configuration. To restrict access to the PROFINET interfaces, the IP addresses of the PROFINET devices must be configured so that only the controller… Read More
PLCnext Technology security hardening To use PLCnext Technology as an IEC 62443-4-1/4-2 certified component, the activation of the Security Profile is mandatory. In addition, the automation system design must fit the security context and the generic use cases described in this PLCnext Technology ‑ Security Info Center. With activated Security Profile PLCnext Technology supports the following… Read More
PLCnext starting up The starting up of a PLCnext Control in a security context includes the following steps: Checking the device Deriving IP addresses Assigning IP addresses Configuring TLS Generating self-signed HTTPS certificates in the WBM Uploading the certificate in the browser Activating the Security… Read More
Periodic security maintenance activities You must check regularly: user roles and permissions password complexity rules and password changes firewall settings all security-related settings the product download area for firmware updates the PSIRT webpage for known security vulnerabilities Security functionality verification… Read More
Example: Secured OPC UA Communication On the ‘Security’ page of the ‘OPC UA’ PLANT tree node, you can specify settings regarding certificates and authentication which must be performed successfully in order to establish a secure connection between OPC UA clients and the OPC UA server. Furthermore, you can… Read More
