show the entry list
Industrial Security -- Product information -- System description
What should you watch out for when you enable the "SNMP" function in the configuration of the security module?
Which security modules support dynamic DNS and can use it to communicate with each other?
Why does the VPN LED of the SCALANCE M875 and MD741-1 continue to light although the secure IPsec tunnel connection is disconnected?
What should you watch out for when enabling and using the security functions of CP343-1 Advanced and CP443-1 Advanced?
How can you display the security status of the CP1628 over the Online View in the Security Configuration Tool (SCT)?
What remedies are there for weak points in WinCC flexible 2008 and WinCC V11?
Where can you find information on the topic of "Industrial Security"?
Industrial Ethernet S7-300/400 CPs -- Product information -- System description (protocols)
What are the differences between OPEN MODBUS / TCP Redundant V1 and OPEN MODBUS / TCP Redundant V2?
What should you watch out for when you enable the "SNMP" function in the configuration of the security module?
Which security modules support dynamic DNS and can use it to communicate with each other?
What should you watch out for when enabling and using the security functions of CP343-1 Advanced and CP443-1 Advanced?
What should you watch out for when upgrading from previous modules to the successor module CP443-1 or CP443-1 Advanced?
How do you verify the authenticity of the Siemens modules CP343-1 and CP443-1?
What should you watch out for when operating a port of CP343-1, 6GK7343-1CX10-0XE0 and 6GK7343-1EX30-0XE0 with firmware V2.1 or higher, with 10 Mbit/s half duplex?
Which IO controllers and IO devices support the following functions: IRT, prioritized startup, MRP, PROFIenergy, Shared device, I device and clock-synchronized mode?
Where do you procure the firmware extension for the CP 343-1 ERPC for database connection?
Which SIMATIC S7-300/S7-400 modules support the NTP time-of-day message and how do you activate this kind of time synchronization?
Which modules can you use when implementing software redundancy?
Which types of connection/protocols do the S7-300/400 CPUs and the CPs support by default?
Which PROFINET nodes support automatic commissioning and the replace device without interchangeable medium function?
Which PROFINET nodes support the extended PN diagnostics and what do you have to configure?
Using C-PLUG with network components and SIMATIC CPs
What properties have the communication services and protocols that can be used in the Industrial Ethernet network?
Behavior of the communication processors during data transfer via TCP connections without RFC 1006
What should you watch out for with the ICMP Redirect (Internet control message protocol) function regarding the IP address of the router used for Industrial Ethernet CPs?
What should you pay attention to with the autonegotiation function for negotiating the LAN mode in Industrial Ethernet CPs?
What is the connection between subnet masks and IP addresses with regard to subnetting and supernetting (Classless Inter Domain Routing CIDR)?
What are the requirements for using the S7 routing function and which modules can you implement?
In the case of open TCP/IP communication via Industrial Ethernet using T blocks with IE CPs and CPUs, why are different amounts of messages sent when the maximum length of 1452 bytes of user data is transferred?
What properties, advantages and special features does the ISO protocol offer?
What properties, advantages and special features does the UDP protocol offer?
What properties, advantages and special features does the ISO-on-TCP protocol offer?
What properties, advantages and special features does the S7 protocol offer?
What properties, advantages and special features does the TCP protocol offer?
What are the requirements for disabling the PROFINET CBA interface for CP443-1EX40?
"Time Wait" with TCP connection setup
What are the different data block lengths for the various protocols of Send/Receive communication?
What is RFC1006 and what do I need this service for?
Meaning and function of the "Keep Alive" in TCP connections
What should you watch out for when enabling and using the security functions of CP343-1 Advanced and CP443-1 Advanced?
Part number:

Description
By combining different security functions such as firewall, NAT/NAPT router and VPN (Virtual Private Network) over IPsec tunnel the CPx43-1 Advanced protects individual S7-400 stations, S7-300 stations and even complete automation cells against unauthorized access.

When you enable and use the security functions of the CPx43-1 Advanced you ensure that the CP has the current time and current date. Having the current time and date is extremely important for verifying the validity of the certificates used, for example, when you establish a secure IPsec tunnel connection to one or more security modules.
If you do not take the time from the station (CPU), you can synchronize the time using a SIMATIC procedure or the Network Time Protocol (NTP).

Note on security
Caution
The functions and solutions described in this article confine themselves predominantly to the realization of the automation task. Furthermore, please take into account that corresponding protective measures have to be taken in the context of Industrial Security when connecting your equipment to other parts of the plant, the enterprise network or the internet. More information is available in Entry ID: 50203404.

Additional Information
More information about time synchronization is available in the entries below.
 
Subject Entry ID
How do you configure the SIMATIC S7-300 as time master or time slave for time-of-day synchronization via Industrial Ethernet in SIMATIC mode? 44049612
How do you configure the SIMATIC S7-400 as time master or time slave for time-of-day synchronization via Industrial Ethernet in SIMATIC mode? 18130164
Which SIMATIC S7-300/S7-400 modules support the NTP time-of-day message and how do you activate this kind of time synchronization? 17990844

 Entry ID:62370912   Date:2012-07-23 
I regard this article....as helpfulas not helpful                                 
Print  
    © Siemens AG 2013 - Corporate Information - Privacy Policy - Terms of Use
mySupport
All personal data, information and functions at a glance - e.g.
My Documentation Manager 
Newsletter 
CAx-Download-Manager 
Support Request
To this entry
Print
Create PDF 
Send to a friend
QuickLinks
Compatibility tool 
Help
Online Help
Guided Tour