{}

Our Brands

Impact-Company-Logo-English Black-01-177x54

Schneider Electric USA Website

Welcome to our website.
How can we help you today?
What is the firewall security policy for communications between M580 controllers and OFS (OPC Factory Server)?
Issue
The defense-in-depth cybersecurity approach are being more and more used by the customers and they want to know the best practices of firewall rules for Control and Device Network (e.g., OFS on the Control network side and M580 on the Device network side).

Product Line
Ecostruxure Control Expert, OPC Factory Server, M580, ConneXium Tofino firewall

Environment
Control Expert v14.1, Windows 10 version 1902 (OS Build 18362.30), OPC Factory Server v3.62, BMEP586040 v3.10, ConneXium Tofino firewall

Resolution
The OPC Factory Server (OFS) uses UMAS protocol to communicate with M580 controllers and the UMAS is a Schneider Electric's protocol based on Modbus TCP/IP packet with function code 90. As a Modbus TCP/IP protocol, it uses the port 502 for communication that should be configured as a bi-directional rule in the firewall.

The link below is from a System Technical Note about "How to reduce vulnerability to Cyber Attacks" and you can find a detailed description of the EcoStruxure Plant with Security Zones (as the picture).
How can I reduce vulnerability to Cyberattacks?

Img1

Schneider Electric USA

Explore more
Range:
Articles that might be helpful Users group

Discuss this topic with experts

Visit our Community for first-hand insights from experts and peers on this topic and more.
Explore more
Range: