通过防火墙 (桥接/路由) 使用安全模块 SCALANCE S612 对自动化单元进行保护 (组态 5)

5.0 分

工业以太网

自动化系统>通信与网络组件>工业以太网

使用操作
Industrial Security

文档编号：22376747| 文档类型：应用实例与扩展工具| 发布时间：2023年12月04日

0
731
4625

内容预览：任务：在工业自动化中，涵盖整个生产的网络安全性是重中之重。在过去，自动化岛通常都在物理上各自为战，并通过现场总线集成安全性。现今，工业以太网解决方案蓬勃发展，全球办公应用中的联网技术层出不穷，而工业自动化领域的现场层级中仍存在诸多不安全的接口，因此安全问题被视为心腹大患。工业通信正在遭受着各种各样与办公应用和 IT 环境相同的危害，如黑客、病毒、蠕虫、木马；与此同时，与日俱增的通信负载 (广播) 也对工业通信的正常运行也起到了一定的负面作用。 ......

In order to protect the automation network from unauthorized access, the use of a firewall is an adequate solution.

All Security Integrated products have an IP-based stateful packet inspection firewall integrated.
With the SCALANCE S industrial security appliance (S615 and SC-600) and the SCALANCE M industrial routers, the IP-based stateful packet inspection firewall can be configured user-specifically.
The SCALANCE SC-600 industrial security appliance also supports the bridge firewall to protect that network.

This application example shows you how to use the firewall with the SCALANCE S industrial security appliance. You will learn the difference between the different firewall variants (IP-based, MAC-based, user-specific) and how to configure the different firewall variants.

The application example is explained using the following configuration:

Img01

An external (insecure) network and an internal network are connected to a SCALANCE SC-600 device. The internal network is to be protected against unauthorized access by the integrated firewall in the SCALANCE S.

Download
Here you can download the documentation:
Documentation (1,3 MB)
Show mobile friendly