Siemens Version: 1.2 manual Executive Summary

Page 3

Executive Summary

Executive Summary

The Scalance S 612/S 613 is a security module to protect the communication between automation networks and to avoid attacks to the networks. The security module provides the functionality of a firewall and a virtual private network (VPN). The system is based on the operating system VxWorks and the firewall and VPN from OpenBSD, the web server and the packet filter for layer 2 were developed by Siemens.

Reliability and robustness are the crucial aspects for an automation network. The network must remain running even in the case of failures. The aspect of data security immediately follows in importance. Security and reliability sometimes induce different objectives and get in the way of each other. These aspects were incorporated in the standard configuration. Nonetheless the security module allows a secure configuration. The device can be installed without changing the existing network.

The security module fulfils its task well and fully protects an automation network. The simplicity of the configuration is to be emphasized where the security does not suffer. The device is built in an extremely robust manner and meets the special demands of automation networks in an excellent way. In total, the Scalance module provides a higher quality than most other security modules (also outside of the industrialization engineering branch).

19-Aug-05

escrypt GmbH

3

Image 3
Contents Version Date 19-Aug-05 VPN IndexExecutive Summary External network internal network IntroductionIntroduction Firewall Security ServicesAssumptions SystemFirewall function of the security module 2 VPNVPN-function of the Security-module Removable Media C-PlugConfiguration Management Firmware UpdateFirst Initiation User ManagementLearning Key Management 1 VPN Security AnalysisFirewall Web Server Operating SystemTime Synchronization and Logging ConfigurationBridge Configuration FilesSummary References