User's Manual

1. Introduction
Automation networks have widely varying security goals, so only basic default
rules are preset. Nonetheless, these default rules provide a secure
configuration. The security modules are meant to be easy to configure and
handle, even for users who are not IT experts. The security module can still be
configured precisely according to the user's requirements. With expert knowledge
the configuration can be set manually in advanced mode. The module can be
installed in an existing automation network without having to change the network
topology or configure new network nodes.
The configuration is set on a PC. Several security modules can be configured
at the same time over the network. To simplify the replacement of broken devices,
the configuration data can be stored on a removable medium, the so-called C-Plug.
If a broken module has to be replaced, only the removable medium needs to be
inserted into the new module, which then immediately starts working with a
secure configuration.
The module is based on the VxWorks operating system from Wind River. Some
components, such as the packet filter and IPsec, were taken from OpenBSD, often
quoted as the "most secure operating system". MiniWeb, developed by
Siemens, is used as an HTTPS server to provide a secure communication channel
for the configuration data between the configuration PC and the security modules.
MiniWeb is based on OpenSSL; it uses RC4 and 3DES and provides key lengths of up
to 2048 bit.
Security modules can be combined in groups so that all modules of a group can
communicate with each other through IPsec tunnels. The internal network nodes of
a module, and also those of other modules, can be found automatically without
having to be configured manually. The Scalance S 612 can protect a network of up
to 32 internal nodes. The Scalance S 613 protects up to 64 internal nodes and has
an extended temperature range of -20° to +70°. The SOFTNET Security Client PC
software provides secure IP-based access from a PC to subnets. The
SOFTNET Security Client automatically enables a PC to communicate through a
secure tunnel with a security module. The security modules are powered by a
redundant 24 V DC supply.
19-Aug-05 escrypt GmbH 5