Application and properties
1.4 Performance data and configuration limits
CP 1243-7 LTE
Operating Instructions, 01/2015, C79000-G8976-C381-01
17
Secure underlying networks can be operated via additional Ethernet/PROFINET interfaces of
the CPU.
As a result of using the CP, as a Security module, the following additional Security functions
are accessible to the S7-1200 station on the interface to the external network:
●
– IP firewall with stateful packet inspection (layer 3 and 4)
– Firewall also for "non-IP" Ethernet frames according to IEEE 802.3 (layer 2)
– Limitation of the transmission speed ("Bandwidth limitation")
– Global firewall rules
●
Communication made secure by IPsec tunnels (VPN)
VPN tunnel communication allows the establishment of a secure IPsec tunnel for
communication with a Security module.
The CP can be put together with other modules to form VPN groups during configuration.
IPsec tunnels are created between all Security modules of a VPN group. All internal
nodes of these Security modules can communicate securely with each other through
these tunnels.
●
To allow monitoring, events can be stored in log files that can be read out using the
configuration tool or can be sent automatically to a Syslog server.
For information on configuring the Security functions, refer to the section Security functions
(Page 58).
You will find further information on the functionality and configuration of the Security
functions in the information system of STEP 7 and in the manual /5/ (Page 130).
Performance data and configuration limits
Number of simultaneous connections for telecontrol communication
● 1 reserved connection for user data exchange with the telecontrol server
Number of possible partners for inter-station communication
● Max. 13 CPs as partners for inter-station communication
Of which:
– Max. 3 sending partners
– Max. 10 receiving partners
● Partners can be S7-1200 mobile wireless CPs with a data point configuration.
To Next Page
Loading...
Need help?
General
