Configuring with the WBM
7.3 The menu items of the WBM
SIMATIC RF185C, RF186C, RF188C, RF186CI, RF188CI
Operating Instructions, 04/2020, C79000-G8976-C512-03
89
Security settings
In the "Security settings" area, you can make security settings for the OPC UA interface.
Table 7- 17 Description of the parameters
Parameter
Description
Security profile
Specification of the security profile and the access options for the UA server of
the communication module
•
None
The "None" security profile is used. This profile does not offer any security
mechanisms (encryptions).
•
Basic 128
1)
This profile corresponds to the security profile "Basic 128" of the OPC UA
specification. The communication module uses signing and, if configured,
128-bit encryption.
•
Basic 256
1)
This profile corresponds to the security profile "Basic 256" of the OPC UA
specification. The communication module uses signing and, if configured,
256-bit encryption.
•
Basic 256 / SHA 256
This profile corresponds to the security profile "Basic 256 / SHA 256" of the
OPC UA specification. The communication module uses signing and, if
configured, 256-bit encryption using the hash algorithm SHA-256.
It is recommended that you use the highest security level (Basic 256 / SHA
256).
1)
The security levels "Basic 128" and "Basic 256" should only be used if no
other security profile can be used due to compatibility reasons.
Security method
Specifying the security method of the server
•
Sign or sign and encrypt
Depending on the settings on the communication partner (client), the
communication module selects the method with the highest possible secu-
rity.
•
Sign
The communication module only allows communication with signed
frames.
•
Sign and encrypt
The communication module only allows communication with signed and
encrypted frames.
Allow anonymous
access
If the check box is selected, the communication module allows anonymous
users access to the data of its OPC UA server.
Anonymous users do not need to specify a user name/password when estab-
lishing a connection. If anonymous access is not allowed, an OPC UA client or
a user must provide a valid user name/password combination of a user with
OPC UA rights. A user with OPC UA rights can be created via the WBM. The
user profile preinstalled in the factory (user name: "admin", password "admin")
also has OPC UA rights.